IOC Report
(No subject).eml

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| (No subject).eml | RFC 822 mail, ASCII text, with very long lines (361), with CRLF line terminators | initial sample | malicious |
| C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst | Microsoft Outlook email folder (>=2003) | dropped | malicious |
| C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp | data | dropped | malicious |
| C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData\Local\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\5FFEA550-2E86-4B80-A317-9B9AF7BED347 | XML 1.0 document, ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData\Local\Office\16.0\hxoutlook.exe_Rules.xml | XML 1.0 document, ASCII text, with very long lines (65536), with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData\Roaming\Office\MSO2057.acl | data | dropped | |
| C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxAccountsAlwaysOnLog.etl | data | dropped | |
| C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxmAlwaysOnLog.etl | data | dropped | |
| C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat | MS Windows registry file, NT/2000 or above | dropped | |
| C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat.LOG1 | MS Windows registry file, NT/2000 or above | dropped | |
| C:\Users\user\AppData\Local\Publishers\8wekyb3d8bbwe\Fonts\FontCache\4\Catalog\ListAll.Json | JSON data | dropped | |
| C:\Users\user\AppData\Local\Publishers\8wekyb3d8bbwe\Fonts\FontCache\4\PreviewFont\flat_officeFontsPreview.ttf | TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409, © 2018 Microsoft Corporation. All Rights Reserved.msofp_4_9RegularVersion 4.9;O365 | dropped | |
| C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250204T1647310311-7028.etl | data | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 4 20:48:41 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 4 20:48:41 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 4 20:48:41 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 4 20:48:41 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 4 20:48:41 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 353 | ASCII text, with very long lines (509) | dropped | |
| Chrome Cache Entry: 354 | ASCII text, with very long lines (15752) | dropped | |
| Chrome Cache Entry: 355 | ASCII text, with very long lines (65447) | downloaded | |
| Chrome Cache Entry: 356 | PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 357 | Java source, ASCII text, with very long lines (1636) | dropped | |
| Chrome Cache Entry: 358 | Java source, ASCII text, with very long lines (643) | downloaded | |
| Chrome Cache Entry: 359 | PNG image data, 310 x 310, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 360 | ASCII text, with very long lines (65445) | dropped | |
| Chrome Cache Entry: 361 | ASCII text, with very long lines (65392) | downloaded | |
| Chrome Cache Entry: 362 | PNG image data, 32 x 32, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 363 | PNG image data, 1400 x 630, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 364 | ASCII text, with very long lines (769) | dropped | |
| Chrome Cache Entry: 365 | ASCII text, with very long lines (3637) | downloaded | |
| Chrome Cache Entry: 366 | PNG image data, 800 x 320, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 367 | PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 368 | Java source, ASCII text, with very long lines (2143) | downloaded | |
| Chrome Cache Entry: 369 | ASCII text, with very long lines (3336) | downloaded | |
| Chrome Cache Entry: 370 | ASCII text, with very long lines (864) | downloaded | |
| Chrome Cache Entry: 371 | PNG image data, 1400 x 788, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 372 | ASCII text, with very long lines (14252) | dropped | |
| Chrome Cache Entry: 373 | ASCII text, with very long lines (56155) | dropped | |
| Chrome Cache Entry: 374 | Java source, ASCII text | downloaded | |
| Chrome Cache Entry: 375 | PNG image data, 800 x 800, 8-bit gray+alpha, non-interlaced | downloaded | |
| Chrome Cache Entry: 376 | PNG image data, 1400 x 788, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 377 | Java source, ASCII text, with very long lines (569) | downloaded | |
| Chrome Cache Entry: 378 | PNG image data, 800 x 320, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 379 | HTML document, ASCII text, with very long lines (3450), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 380 | ASCII text, with very long lines (1060) | dropped | |
| Chrome Cache Entry: 381 | ASCII text, with very long lines (16563) | downloaded | |
| Chrome Cache Entry: 382 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x400, components 3 | dropped | |
| Chrome Cache Entry: 383 | ASCII text, with very long lines (65046) | dropped | |
| Chrome Cache Entry: 384 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 385 | Java source, ASCII text, with very long lines (311) | dropped | |
| Chrome Cache Entry: 386 | Web Open Font Format, CFF, length 1136, version 1.0 | downloaded | |
| Chrome Cache Entry: 387 | ASCII text, with very long lines (4741) | downloaded | |
| Chrome Cache Entry: 388 | PNG image data, 1400 x 640, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 389 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 390 | ASCII text, with very long lines (2069) | dropped | |
| Chrome Cache Entry: 391 | PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 392 | ASCII text, with very long lines (27629) | downloaded | |
| Chrome Cache Entry: 393 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3 | downloaded | |
| Chrome Cache Entry: 394 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 150344 | downloaded | |
| Chrome Cache Entry: 395 | Unicode text, UTF-8 text, with very long lines (65456) | downloaded | |
| Chrome Cache Entry: 396 | data | downloaded | |
| Chrome Cache Entry: 397 | PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 398 | Java source, ASCII text | downloaded | |
| Chrome Cache Entry: 399 | HTML document, ASCII text, with CRLF line terminators | dropped | |
| Chrome Cache Entry: 400 | data | downloaded | |
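Sandbox IOC reports of this kind are often extracted with the Files table flattened to one cell per line, so that a row is three cells (path, type, category) or four when the Malicious column is set. The Python below is an added example, not part of the sandbox report: it parses that flattened layout into records by delimiting rows on the category vocabulary rather than a fixed stride, then separates the entries the sandbox flagged and the on-disk paths usable as host IOCs from the numbered Chrome cache slots. The category set (initial sample, dropped, downloaded) is taken from this report and is an assumption for any other report; the embedded sample is a constructed excerpt of the rows above.

```python
"""Parse a flattened sandbox 'Files' IOC table into structured records.

Added example; not code from the sandbox vendor or the report.
Rows have 3 or 4 cells, so the parser uses the known category values
to find row boundaries and treats an unknown category as misalignment.
"""
from __future__ import annotations

from dataclasses import dataclass

# Category vocabulary seen in this report. Any other report may use
# further values (assumption): add them here or the parser will refuse
# the table rather than silently shifting every later row.
CATEGORIES = {"initial sample", "dropped", "downloaded"}
HEADER = ("File Path", "Type", "Category", "Malicious")
MALICIOUS_FLAG = "malicious"

# Constructed excerpt of the report's table in the flattened form.
SAMPLE_TABLE = r"""
File Path
Type
Category
Malicious
(No subject).eml
RFC 822 mail, ASCII text, with very long lines (361), with CRLF line terminators
initial sample
malicious
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
Microsoft Outlook email folder (>=2003)
dropped
malicious
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat
MS Windows registry file, NT/2000 or above
dropped
Chrome Cache Entry: 355
ASCII text, with very long lines (65447)
downloaded
Chrome Cache Entry: 356
PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
dropped
"""


@dataclass(frozen=True)
class FileIoc:
    path: str
    file_type: str
    category: str
    malicious: bool

    @property
    def is_chrome_cache(self) -> bool:
        # Cache entries are numbered slots in the browser cache, not paths.
        return self.path.startswith("Chrome Cache Entry:")


def parse_files_table(text: str) -> list[FileIoc]:
    """Turn the one-cell-per-line table into FileIoc records, in order."""
    cells = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if tuple(cells[:4]) == HEADER:
        cells = cells[4:]
    records: list[FileIoc] = []
    i = 0
    while i + 2 < len(cells):
        path, file_type, category = cells[i], cells[i + 1], cells[i + 2]
        if category not in CATEGORIES:
            raise ValueError(
                f"unexpected category {category!r} at cell {i + 2}: "
                "table misaligned or unknown category value"
            )
        i += 3
        # The Malicious column is present only when set, so peek one cell.
        malicious = i < len(cells) and cells[i] == MALICIOUS_FLAG
        if malicious:
            i += 1
        records.append(FileIoc(path, file_type, category, malicious))
    if i != len(cells):
        raise ValueError("trailing cells do not form a complete row")
    return records


def flagged(records: list[FileIoc]) -> list[FileIoc]:
    """Entries the sandbox marked malicious, in report order."""
    return [r for r in records if r.malicious]


def host_paths(records: list[FileIoc]) -> list[str]:
    """Filesystem paths usable as host IOCs; cache slots are excluded."""
    return [r.path for r in records if not r.is_chrome_cache]


if __name__ == "__main__":
    recs = parse_files_table(SAMPLE_TABLE)
    print(f"{len(recs)} rows, {len(flagged(recs))} flagged")
    for r in flagged(recs):
        print(f"  [{r.category}] {r.path}")
    print("host paths:", *host_paths(recs), sep="\n  ")
```

Row boundaries are recovered from the category cell on purpose: a parser that assumes four cells per row would go out of step at the first unflagged entry, and one that assumes three would swallow every `malicious` cell as the next row's path.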