Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
phish_alert_sp2_2.0.0.0.eml
|
RFC 822 mail, ASCII text, with very long lines (1881), with CRLF line terminators
|
initial sample
|
||
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntities.bin
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntitiesUpdated.bin
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\29562B8A-FD24-45A8-88EB-943122267417
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 15:22:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 15:22:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 15:22:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 15:22:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 15:22:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
There are 5 hidden files, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://graficaonline.com.br/jrjpVxfY
|
|||
https://ucasm-ci.org/universite/critical_login_notification.html
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
ucasm-ci.org
|
158.69.168.192
|
||
graficaonline.com.br
|
186.226.58.28
|
||
www.google.com
|
142.251.215.228
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
52.113.194.132
|
unknown
|
United States
|
||
1.1.1.1
|
unknown
|
Australia
|
||
158.69.168.192
|
ucasm-ci.org
|
Canada
|
||
142.250.217.78
|
unknown
|
United States
|
||
142.250.217.67
|
unknown
|
United States
|
||
142.250.217.99
|
unknown
|
United States
|
||
192.168.2.17
|
unknown
|
unknown
|
||
192.168.2.7
|
unknown
|
unknown
|
||
192.168.2.6
|
unknown
|
unknown
|
||
142.250.217.110
|
unknown
|
United States
|
||
142.251.215.228
|
www.google.com
|
United States
|
||
20.189.173.26
|
unknown
|
United States
|
||
173.194.203.84
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
192.168.2.23
|
unknown
|
unknown
|
||
52.109.28.46
|
unknown
|
United States
|
||
186.226.58.28
|
graficaonline.com.br
|
Brazil
|
||
199.232.214.172
|
bg.microsoft.map.fastly.net
|
United States
|
||
104.98.118.147
|
unknown
|
United States
|
||
52.111.246.17
|
unknown
|
United States
|
||
52.109.20.39
|
unknown
|
United States
|
There are 11 hidden IPs, click here to show them.