flash

http://52.36.72.57/campaigns?target=curtis&campaignname=JOESandbox

Status: finished
Submission Time: 23.05.2020 08:48:03
Clean

Comments

Tags

Details

  • Analysis ID:
    232588
  • API (Web) ID:
    361425
  • Analysis Started:
    23.05.2020 08:48:03
  • Analysis Finished:
    23.05.2020 08:53:10
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113

clean
0/100

IPs

IP Country Detection
152.199.21.118
United States
151.101.0.133
United States
93.184.220.66
European Union
Click to see the 6 hidden entries
185.63.144.5
United States
104.16.133.229
United States
172.217.22.2
United States
172.217.23.97
United States
216.58.212.161
United States
52.36.72.57
United States

Domains

Name IP Detection
github.map.fastly.net
151.101.0.133
pagead46.l.doubleclick.net
172.217.22.2
pop-tln1-alpha.mix.linkedin.com
185.63.144.5
Click to see the 20 hidden entries
cdnjs.cloudflare.com
104.16.133.229
blogspot.l.googleusercontent.com
216.58.212.161
photos-ugc.l.googleusercontent.com
216.58.212.161
cs1404.wpc.epsiloncdn.net
152.199.21.118
cs41.wac.edgecastcdn.net
93.184.220.66
googlehosted.l.googleusercontent.com
172.217.23.97
lh6.googleusercontent.com
0.0.0.0
badges.linkedin.com
0.0.0.0
camo.githubusercontent.com
0.0.0.0
static-exp1.licdn.com
0.0.0.0
2.bp.blogspot.com
0.0.0.0
resources.blogblog.com
0.0.0.0
1.bp.blogspot.com
0.0.0.0
4.bp.blogspot.com
0.0.0.0
media-exp1.licdn.com
0.0.0.0
platform.twitter.com
0.0.0.0
platform.linkedin.com
0.0.0.0
3.bp.blogspot.com
0.0.0.0
curtbraz.blogspot.com
0.0.0.0
www.blogger.com
0.0.0.0

URLs

Name Detection
https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css
http://fontawesome.io
https://1.bp.blogspot.com/-RxYc9QbytK4/W-RTqoKYSfI/AAAAAAAANyE/UMmTMTjFB_8gkfqbsncXczg7YkC7aK1_gCLcB
Click to see the 97 hidden entries
https://www.blogger.com
https://curtbraz.blogspot.com/feeds/posts/default
http://52.36.72.57/templates/microsoftportal.png
https://www.linkedin.com/in/curtisbrazzell?trk=profile-badge-cta
https://4.bp.blogspot.com/-045RBBYjMns/XLk1n3MJx6I/AAAAAAAASks/e6sECtXox-4J4vdL7bbp8gkWU5AgB0k_ACLcB
http://52.36.72.57/templates/generic1portal.png
https://3.bp.blogspot.com/-vb8EzCz4fIM/XMmqaWbJKII/AAAAAAAAS4c/vNhjlL44NSUlERfYvgblu8ZNqlOms8QnQCLcB
https://www.blogger.com/static/v1/jsbin/2009820138-cmt.js
https://www.blogger.com/unvisited-link-
https://camo.githubusercontent.com/246cb16377e4ce06293219412429faddcba71f3a/68747470733a2f2f692e696d
http://52.36.72.57/templates/owaportal.png
http://52.36.72.57/campaigns/?target=curtis&campaignname=JOESandboxRoot
https://1.bp.blogspot.com/-IhU87iSri_I/XRFspx9wYiI/AAAAAAAAUb8/d6Q8mKGM_1UQFhLTPN3nulFv5PjgcwA8QCLcB
http://52.36.72.57/campaigns?target=curtis&campaignname=JOESandbox
https://2.bp.blogspot.com/-yECL7YQd9mU/W8_-RYCapBI/AAAAAAAANSU/bC9uBSZ2nhsnRgTCrFbM903YctzOXfBxACLcB
https://curtbraz.blogspot.com/2019/11/
https://camo.githubusercontent.com/857dfa1c1f3b157e9e748c4cf9b427395f20e73c/68747470733a2f2f692e696d
http://52.36.72.57/campaigns/
https://curtbraz.blogspot.com/favicon.ico
https://www.blogger.com/navbar.g?targetBlogID=5387342147732534609&blogName=Curtis
https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
https://phishapi.com
https://TARGET_URL.com/logon.html)
https://github.com/linkedin/dustjs-helpers/wiki/Deprecated-Features#
https://www.blogger.com/share-post.g?blogID=5387342147732534609&postID=5306835892636122209&target=pi
https://3.bp.blogspot.com/-wcQ_C8bcUPE/W37gs-Fb9-I/AAAAAAAAM9Y/IKUI5kSwPYEKzgUYT4I2NE95W9VkexNVwCLcB
https://camo.githubusercontent.com/cc67120baabd80868a0486f43bbbdd31ff4696c6/68747470733a2f2f692e696d
https://3.bp.blogspot.com/-wQRxq7jwr3Q/W9ABPFtI6LI/AAAAAAAANSk/MxKjX05Magc-Lzbkd1VZP8Rk8fEoVlRXQCLcB
https://curtbraz.blogspot.com/2018/10/phishapi-tool-rapid-deployment-of-fake.html
https://curtbraz.blogspot.com/2019/04/ill-be-back-adding-session-termination.html
http://52.36.72.57/templates/generic2portal.png
http://52.36.72.57/w3.css
http://schema.org/BlogPosting
https://2.bp.blogspot.com/-YrWZ0fg0Osc/XDlnYBRIetI/AAAAAAAAPe8/yFRNtfdDp8AiduYGHXtsKMvi5NuG60wsgCLcB
http://www.reddit.com/
https://1.bp.blogspot.com/-R6UWAuNY1Nk/W9fpV1S59GI/AAAAAAAANoQ/_wLnjNmW-CEeiqkLXXalsfLDOd6KLrjSACLcB
http://52.36.72.5shingdocs/ite=1tis&campaignname=JOESandboxRoot
http://52.36.72.5paigns/s/ite=1tis&campaignname=JOESandboxRoot
https://www.blogger.com/feeds/5387342147732534609/posts/default
http://52.36.72.57/templates/facebookportal.png
https://badges.linkedin.com/
http://52.36.72.57/templates/wordpressportal.png
https://lh6.googleusercontent.com/proxy/g0PI4LJn09a31iPWA1sZDRY0avk7QHLt6hmgnX8l22ZKpJfTgg8H9gKrNtXR
http://52.36.72.57/templates/generic3portal.png
https://2.bp.blogspot.com/-wAs1VrCILGs/W-RUByO9kTI/AAAAAAAANyQ/cVFm5db8CzkuL1QlcuOfgyRpIpI--7VmgCLcB
https://github.com/ryhanson/phishery
https://www.blogger.com/go/blogspot-cookies
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
https://curtbraz.blogspot.com/feeds/posts/default?alt=rss
http://52.36.72.57/phishingdocs/ite=1tis&campaignname=JOESandbox
https://curtbraz.blogspot.com/2019/05/
https://4.bp.blogspot.com/-Y8bTmdVicpg/W-RUZ11SnaI/AAAAAAAANyc/enHHz4Xa1EoEJyc5qO9nsEDEL5wS7zbBgCLcB
https://curtbraz.blogspot.com/2020/
https://www.blogger.com/rpc_relay.html
http://52.36.72.5/campaigns?target=EMAIL
https://letsencrypt.org/
https://www.blogger.com/static/v1/widgets/3257579429-widgets.js
http://52.36.72.57/main.css
https://www.blogger.com/share-post.g?blogID=5387342147732534609&postID=5306835892636122209&target=em
https://www.blogger.com/go/adspersonalization
https://curtbraz.blogspot.com/2019/06/one-two-punch-using-appsec-to-up-your.html
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5387342147732534609&zx=04c466e0-d
https://www.blogger.com/static/v1/jsbin/2895387028-lbx.js
https://curtbraz.blogspot.com/feeds/5306835892636122209/comments/default
http://52.36.72.57/templates/linkedinportal.png
https://www.blogger.com/share-post.g?blogID=5387342147732534609&postID=5306835892636122209&target=fa
http://52.36.72.5Root
http://www.youtube.com/
https://curtbraz.blogspot.com/2019/06/
https://www.blogger.com/
http://www.cookiechoices.org/
https://camo.githubusercontent.com/4c6e43fcae9eaa77a917ee4f719d66ec740bd70c/68747470733a2f2f692e696d
https://resources.blogblog.com/img/blank.gif
https://curtbraz.blogspot.com/2019/10/
https://camo.githubusercontent.com/3739cfa553cfcfefaff1de0b3d4e34d1f78b8444/68747470733a2f2f692e696d
https://haveibeenpwned.com/Passwords
http://52.36.72.57/templates/owaportalgray.png
https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png)
https://www.blogger.com/static/v1/jsbin/3719806379-ieretrofit.js
http://52.36.72.57/campaigns/?target=curtis&campaignname=JOESandbox
https://curtbraz.blogspot.com/2018/10/
https://platform.linkedin.com/badges/js/profile.js
http://52.36.72.57/images/favicon/android-icon-192x192.png
http://flickr.com/photos/
https://twitter.com/intent/tweet?text=
http://52.36.72.5ex.php?fakesite=1tis&campaignname=JOESandboxRoot
http://52.36.72.57/templates/citrix2.png
http://52.36.72.57/campaigns/s/ite=1tis&campaignname=JOESandbox
https://1.bp.blogspot.com/-gN92UCpe06g/W9fpqzEqqmI/AAAAAAAANoY/W09VRuK2brgmlbjBkpVWRK88K2cMcCTXgCLcB
https://curtbraz.blogspot.com/%3Fspref%3Dsms
http://www.amazon.com/
https://www.blogger.com/comment-iframe.g?blogID=5387342147732534609&postID=5306835892636122209
http://www.twitter.com/
http://52.36.72.57/templates/googleportal.png
https://curtbraz.blogspot.com/2018/
https://curtbraz.blogs
https://2.bp.blogspot.com/-pgtUGzGJPh4/W8_sUQlJaHI/AAAAAAAANQw/OMx157zsgcgx3ebOgRt8N_zJRmjP6TgqACLcB

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D75B2E2A-9D0C-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D75B2E2C-9D0C-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DD5D3536-9D0C-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\2895387028-lbx[1].js
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\3597120983-css_bundle_v2[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f344d44376b71352e706e67[1].png
PNG image data, 1371 x 1091, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f486c59335434472e706e67[1].png
PNG image data, 1161 x 131, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f4f4f30736a44522e706e67[1].png
PNG image data, 3000 x 1247, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f6b753655544e492e706e67[1].png
PNG image data, 980 x 121, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f6f6e73507946702e706e67[1].png
PNG image data, 2171 x 1827, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f715a46476d58412e706e67[1].png
PNG image data, 1315 x 247, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\KFOlCnqEu92Fr1MmSU5fBBc-[1].woff
Web Open Font Format, TrueType, length 20348, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\KFOlCnqEu92Fr1MmWUlfBBc-[1].woff
Web Open Font Format, TrueType, length 20356, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\MaskedEmailForm[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\Untitled[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\campaigns[1].htm
HTML document, ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\campaigns[2].htm
HTML document, ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\canttouchthis[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\cb=gapi[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\facebookportal[1].png
PNG image data, 200 x 125, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\favicon[1].ico
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\font-awesome.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\hank-williams-bucket-finished[1].jpg
[TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\hsGEEyaHwCIcN0idAQittEUHZIp2yj5V6V5sGrWbRe8[1].js
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\icons_gray[1].png
PNG image data, 46 x 20, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\linkedinportal[1].png
PNG image data, 200 x 141, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\navbar[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\owaportal[1].png
PNG image data, 200 x 134, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\platform_gapi.iframes.style.common[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\upsportal[1].png
PNG image data, 200 x 116, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\widgets[1].js
UTF-8 Unicode text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\0[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 178x178, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\2621646369-cmtfp[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\2e1b81dfmyti45t4strx6bmw9[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\3257579429-widgets[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\368954415-lightbox_bundle[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
Web Open Font Format, TrueType, length 20464, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\Slack[1].PNG
PNG image data, 640 x 140, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\TrojanHorse[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\arrows-black[1].png
PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\campaigns[1].htm
HTML document, ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\cb=gapi[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\cb=gapi[2].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\citrix2[1].png
PNG image data, 2286 x 1565, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\citrixportal[1].png
PNG image data, 200 x 146, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\comment-iframe[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\cookienotice[1].js
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\emailembeddednotification[1].PNG
PNG image data, 640 x 173, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\fontawesome-webfont[1].eot
Embedded OpenType (EOT), FontAwesome family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\index[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\instagramportal[1].png
PNG image data, 200 x 166, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\logo_linkedin_flat_white_93x21[1].png
PNG image data, 93 x 21, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\main[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\repositoryofloginportals[1].png
PNG image data, 640 x 406, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\rocky[1].jpg
[TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\templateinput[1].png
PNG image data, 395 x 400, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\weaponizeddocuments[1].png
PNG image data, 640 x 185, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\welcome[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\welcome[2].png
PNG image data, 400 x 291, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\wordpressportal[1].png
PNG image data, 200 x 212, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\68747470733a2f2f692e696d6775722e636f6d2f45375a4c63616d2e706e67[1].png
PNG image data, 2660 x 1582, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\KFOkCnqEu92Fr1MmgVxIIzQ[1].woff
Web Open Font Format, TrueType, length 20368, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\KFOmCnqEu92Fr1Mu4mxM[1].woff
Web Open Font Format, TrueType, length 20268, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\anon36[1].png
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\beef[1].png
PNG image data, 640 x 105, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\campaigns[1].htm
HTML document, ASCII text, with CRLF, LF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\cb=gapi[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\chalkboard-generator-poster-gone-phishin-4-creds[1].jpg
[TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\downloadorhosted[1].png
PNG image data, 640 x 350, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\emailbot[1].png
PNG image data, 640 x 45, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\emailcampaigntemplate[1].png
PNG image data, 400 x 305, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\generic2portal[1].png
PNG image data, 200 x 184, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\generic3portal[1].png
PNG image data, 200 x 158, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\icon18_edit_allbkg[1].gif
GIF image data, version 89a, 18 x 18
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\icon18_wrench_allbkg[1].png
PNG image data, 18 x 18, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\manualhtml[1].png
PNG image data, 640 x 367, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\microsoftportal[1].png
PNG image data, 200 x 147, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\outofscopehash[1].png
PNG image data, 640 x 74, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\owaportalgray[1].png
PNG image data, 2319 x 1530, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\profile[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\profile[2].js
HTML document, ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\share_buttons_20_3[1].png
PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\tabs_gradient_light[1].png
PNG image data, 20 x 200, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\twitterportal[1].png
PNG image data, 200 x 135, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\uspsportal[1].png
PNG image data, 200 x 145, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\1334751479-comment_from_post_iframe[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\2009820138-cmt[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\68747470733a2f2f692e696d6775722e636f6d2f7377384a5751452e706e67[1].png
PNG image data, 1033 x 735, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\6qizw792os4nnvxx937bxv600[1].js
ASCII text, with very long lines
#