IOCReport

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

data

dropped

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\A64C1FA3.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\B460DCA9.png

PNG image data, 200 x 254, 8-bit colormap, non-interlaced

dropped

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\DD638D48.png

PNG image data, 247 x 76, 8-bit colormap, non-interlaced

dropped

C:\Users\user\AppData\Local\Temp\561F0000

data

dropped

C:\Users\user\AppData\Local\Temp\Cab290.tmp

Microsoft Cabinet archive data, 58936 bytes, 1 file

dropped

C:\Users\user\AppData\Local\Temp\Excel8.0\MSForms.exd

data

dropped

C:\Users\user\AppData\Local\Temp\Tar2A1.tmp

data

dropped

C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\1_Total New Invoices-Thursday January 21_2021.LNK

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Aug 26 14:08:15 2020, mtime=Thu Jan 21 23:03:04 2021, atime=Thu Jan 21 23:03:08 2021, length=51781, window=hide

dropped

C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Read-Only, Directory, ctime=Tue Oct 17 10:04:00 2017, mtime=Thu Jan 21 23:03:04 2021, atime=Thu Jan 21 23:03:04 2021, length=8192, window=hide

dropped

C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat

ASCII text, with CRLF line terminators

dropped

C:\Users\user\Desktop\863F0000

data

dropped

https://69.164.207.140:3388/hy

unknown

http://www.diginotar.nl/cps/pkioverheid0

unknown

http://stellarum.com.br/hknmwj.zip

191.252.144.65

https://198.57.200.100:3786/XE

unknown

https://69.164.207.140:3388/

unknown

https://198.57.200.100:3786/

unknown

http://crl.pkioverheid.nl/DomOvLatestCRL.crl0

unknown

https://198.57.200.100/

unknown

https://194.225.58.214/P

unknown

https://194.225.58.214/Y

unknown

http://crl.co

unknown

https://211.110.44.63/

unknown

https://194.225.58.214/X

unknown

https://198.57.200.100:3786/hy

unknown

https://69.164.207.140/M

unknown

http://ocsp.entrust.net0D

unknown

https://198.57.200.100/_

unknown

https://secure.comodo.com/CPS0

unknown

https://194.225.58.214/C

unknown

http://servername/isapibackend.dll

unknown

http://crl.entrust.net/2048ca.crl0

unknown

https://69.164.207.140:3388/JE

unknown

https://198.57.200.100:3786/&

unknown