top title background image
flash

http://52.36.72.57/campaigns?target=curtis&campaignname=JOESandbox

Status: finished
Submission Time: 2020-05-23 08:48:03 +02:00
Clean

Comments

Tags

Details

  • Analysis ID:
    232588
  • API (Web) ID:
    361425
  • Analysis Started:
    2020-05-23 08:48:03 +02:00
  • Analysis Finished:
    2020-05-23 08:53:10 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
clean
Score: 0
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
152.199.21.118
United States
151.101.0.133
United States
93.184.220.66
European Union
Click to see the 6 hidden entries
185.63.144.5
United States
104.16.133.229
United States
172.217.22.2
United States
172.217.23.97
United States
216.58.212.161
United States
52.36.72.57
United States

Domains

Name IP Detection
camo.githubusercontent.com
0.0.0.0
www.blogger.com
0.0.0.0
curtbraz.blogspot.com
0.0.0.0
Click to see the 20 hidden entries
3.bp.blogspot.com
0.0.0.0
platform.linkedin.com
0.0.0.0
platform.twitter.com
0.0.0.0
media-exp1.licdn.com
0.0.0.0
4.bp.blogspot.com
0.0.0.0
1.bp.blogspot.com
0.0.0.0
resources.blogblog.com
0.0.0.0
2.bp.blogspot.com
0.0.0.0
static-exp1.licdn.com
0.0.0.0
github.map.fastly.net
151.101.0.133
badges.linkedin.com
0.0.0.0
lh6.googleusercontent.com
0.0.0.0
googlehosted.l.googleusercontent.com
172.217.23.97
cs41.wac.edgecastcdn.net
93.184.220.66
cs1404.wpc.epsiloncdn.net
152.199.21.118
photos-ugc.l.googleusercontent.com
216.58.212.161
blogspot.l.googleusercontent.com
216.58.212.161
cdnjs.cloudflare.com
104.16.133.229
pop-tln1-alpha.mix.linkedin.com
185.63.144.5
pagead46.l.doubleclick.net
172.217.22.2

URLs

Name Detection
https://www.blogger.com/go/adspersonalization
https://camo.githubusercontent.com/4c6e43fcae9eaa77a917ee4f719d66ec740bd70c/68747470733a2f2f692e696d
http://www.cookiechoices.org/
Click to see the 97 hidden entries
https://www.blogger.com/
https://curtbraz.blogspot.com/2019/06/
http://www.youtube.com/
http://52.36.72.5Root
https://www.blogger.com/share-post.g?blogID=5387342147732534609&postID=5306835892636122209&target=fa
http://52.36.72.57/templates/linkedinportal.png
https://curtbraz.blogspot.com/feeds/5306835892636122209/comments/default
https://www.blogger.com/static/v1/jsbin/2895387028-lbx.js
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5387342147732534609&zx=04c466e0-d
https://curtbraz.blogspot.com/2019/06/one-two-punch-using-appsec-to-up-your.html
https://resources.blogblog.com/img/blank.gif
https://www.blogger.com/share-post.g?blogID=5387342147732534609&postID=5306835892636122209&target=em
http://52.36.72.57/main.css
https://www.blogger.com/static/v1/widgets/3257579429-widgets.js
https://letsencrypt.org/
http://52.36.72.5/campaigns?target=EMAIL
https://www.blogger.com/rpc_relay.html
https://curtbraz.blogspot.com/2020/
https://4.bp.blogspot.com/-Y8bTmdVicpg/W-RUZ11SnaI/AAAAAAAANyc/enHHz4Xa1EoEJyc5qO9nsEDEL5wS7zbBgCLcB
https://curtbraz.blogspot.com/2019/05/
http://52.36.72.57/phishingdocs/ite=1tis&campaignname=JOESandbox
https://curtbraz.blogspot.com/feeds/posts/default?alt=rss
https://twitter.com/intent/tweet?text=
https://2.bp.blogspot.com/-pgtUGzGJPh4/W8_sUQlJaHI/AAAAAAAANQw/OMx157zsgcgx3ebOgRt8N_zJRmjP6TgqACLcB
https://curtbraz.blogs
https://curtbraz.blogspot.com/2018/
http://52.36.72.57/templates/googleportal.png
http://www.twitter.com/
https://www.blogger.com/comment-iframe.g?blogID=5387342147732534609&postID=5306835892636122209
http://www.amazon.com/
https://curtbraz.blogspot.com/%3Fspref%3Dsms
https://1.bp.blogspot.com/-gN92UCpe06g/W9fpqzEqqmI/AAAAAAAANoY/W09VRuK2brgmlbjBkpVWRK88K2cMcCTXgCLcB
http://52.36.72.57/campaigns/s/ite=1tis&campaignname=JOESandbox
http://52.36.72.57/templates/citrix2.png
http://52.36.72.5ex.php?fakesite=1tis&campaignname=JOESandboxRoot
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
http://flickr.com/photos/
http://52.36.72.57/images/favicon/android-icon-192x192.png
https://platform.linkedin.com/badges/js/profile.js
https://curtbraz.blogspot.com/2018/10/
http://52.36.72.57/campaigns/?target=curtis&campaignname=JOESandbox
https://www.blogger.com/static/v1/jsbin/3719806379-ieretrofit.js
https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png)
http://52.36.72.57/templates/owaportalgray.png
https://haveibeenpwned.com/Passwords
https://camo.githubusercontent.com/3739cfa553cfcfefaff1de0b3d4e34d1f78b8444/68747470733a2f2f692e696d
https://curtbraz.blogspot.com/2019/10/
https://camo.githubusercontent.com/246cb16377e4ce06293219412429faddcba71f3a/68747470733a2f2f692e696d
https://phishapi.com
https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
https://www.blogger.com/navbar.g?targetBlogID=5387342147732534609&blogName=Curtis
https://curtbraz.blogspot.com/favicon.ico
http://52.36.72.57/campaigns/
https://camo.githubusercontent.com/857dfa1c1f3b157e9e748c4cf9b427395f20e73c/68747470733a2f2f692e696d
https://curtbraz.blogspot.com/2019/11/
https://2.bp.blogspot.com/-yECL7YQd9mU/W8_-RYCapBI/AAAAAAAANSU/bC9uBSZ2nhsnRgTCrFbM903YctzOXfBxACLcB
http://52.36.72.57/campaigns?target=curtis&campaignname=JOESandbox
https://1.bp.blogspot.com/-IhU87iSri_I/XRFspx9wYiI/AAAAAAAAUb8/d6Q8mKGM_1UQFhLTPN3nulFv5PjgcwA8QCLcB
http://52.36.72.57/campaigns/?target=curtis&campaignname=JOESandboxRoot
http://52.36.72.57/templates/owaportal.png
https://TARGET_URL.com/logon.html)
https://www.blogger.com/unvisited-link-
https://www.blogger.com/static/v1/jsbin/2009820138-cmt.js
https://3.bp.blogspot.com/-vb8EzCz4fIM/XMmqaWbJKII/AAAAAAAAS4c/vNhjlL44NSUlERfYvgblu8ZNqlOms8QnQCLcB
http://52.36.72.57/templates/generic1portal.png
https://4.bp.blogspot.com/-045RBBYjMns/XLk1n3MJx6I/AAAAAAAASks/e6sECtXox-4J4vdL7bbp8gkWU5AgB0k_ACLcB
https://www.linkedin.com/in/curtisbrazzell?trk=profile-badge-cta
http://52.36.72.57/templates/microsoftportal.png
https://curtbraz.blogspot.com/feeds/posts/default
https://www.blogger.com
https://1.bp.blogspot.com/-RxYc9QbytK4/W-RTqoKYSfI/AAAAAAAANyE/UMmTMTjFB_8gkfqbsncXczg7YkC7aK1_gCLcB
http://fontawesome.io
http://www.reddit.com/
https://www.blogger.com/go/blogspot-cookies
https://github.com/ryhanson/phishery
https://2.bp.blogspot.com/-wAs1VrCILGs/W-RUByO9kTI/AAAAAAAANyQ/cVFm5db8CzkuL1QlcuOfgyRpIpI--7VmgCLcB
http://52.36.72.57/templates/generic3portal.png
https://lh6.googleusercontent.com/proxy/g0PI4LJn09a31iPWA1sZDRY0avk7QHLt6hmgnX8l22ZKpJfTgg8H9gKrNtXR
http://52.36.72.57/templates/wordpressportal.png
https://badges.linkedin.com/
http://52.36.72.57/templates/facebookportal.png
https://www.blogger.com/feeds/5387342147732534609/posts/default
http://52.36.72.5paigns/s/ite=1tis&campaignname=JOESandboxRoot
http://52.36.72.5shingdocs/ite=1tis&campaignname=JOESandboxRoot
https://1.bp.blogspot.com/-R6UWAuNY1Nk/W9fpV1S59GI/AAAAAAAANoQ/_wLnjNmW-CEeiqkLXXalsfLDOd6KLrjSACLcB
https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css
https://2.bp.blogspot.com/-YrWZ0fg0Osc/XDlnYBRIetI/AAAAAAAAPe8/yFRNtfdDp8AiduYGHXtsKMvi5NuG60wsgCLcB
http://schema.org/BlogPosting
http://52.36.72.57/w3.css
http://52.36.72.57/templates/generic2portal.png
https://curtbraz.blogspot.com/2019/04/ill-be-back-adding-session-termination.html
https://curtbraz.blogspot.com/2018/10/phishapi-tool-rapid-deployment-of-fake.html
https://3.bp.blogspot.com/-wQRxq7jwr3Q/W9ABPFtI6LI/AAAAAAAANSk/MxKjX05Magc-Lzbkd1VZP8Rk8fEoVlRXQCLcB
https://camo.githubusercontent.com/cc67120baabd80868a0486f43bbbdd31ff4696c6/68747470733a2f2f692e696d
https://3.bp.blogspot.com/-wcQ_C8bcUPE/W37gs-Fb9-I/AAAAAAAAM9Y/IKUI5kSwPYEKzgUYT4I2NE95W9VkexNVwCLcB
https://www.blogger.com/share-post.g?blogID=5387342147732534609&postID=5306835892636122209&target=pi
https://github.com/linkedin/dustjs-helpers/wiki/Deprecated-Features#

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\main[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\beef[1].png
PNG image data, 640 x 105, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\anon36[1].png
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced
#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\KFOmCnqEu92Fr1Mu4mxM[1].woff
Web Open Font Format, TrueType, length 20268, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\KFOkCnqEu92Fr1MmgVxIIzQ[1].woff
Web Open Font Format, TrueType, length 20368, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\68747470733a2f2f692e696d6775722e636f6d2f45375a4c63616d2e706e67[1].png
PNG image data, 2660 x 1582, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\wordpressportal[1].png
PNG image data, 200 x 212, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\welcome[2].png
PNG image data, 400 x 291, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\welcome[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\weaponizeddocuments[1].png
PNG image data, 640 x 185, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\templateinput[1].png
PNG image data, 395 x 400, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\rocky[1].jpg
[TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\repositoryofloginportals[1].png
PNG image data, 640 x 406, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\campaigns[1].htm
HTML document, ASCII text, with CRLF, LF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\logo_linkedin_flat_white_93x21[1].png
PNG image data, 93 x 21, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\instagramportal[1].png
PNG image data, 200 x 166, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\index[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\fontawesome-webfont[1].eot
Embedded OpenType (EOT), FontAwesome family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\emailembeddednotification[1].PNG
PNG image data, 640 x 173, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\cookienotice[1].js
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\comment-iframe[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\citrixportal[1].png
PNG image data, 200 x 146, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\citrix2[1].png
PNG image data, 2286 x 1565, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\cb=gapi[2].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\cb=gapi[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\microsoftportal[1].png
PNG image data, 200 x 147, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\6qizw792os4nnvxx937bxv600[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\68747470733a2f2f692e696d6775722e636f6d2f7377384a5751452e706e67[1].png
PNG image data, 1033 x 735, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\2009820138-cmt[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\1334751479-comment_from_post_iframe[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\uspsportal[1].png
PNG image data, 200 x 145, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\twitterportal[1].png
PNG image data, 200 x 135, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\tabs_gradient_light[1].png
PNG image data, 20 x 200, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\share_buttons_20_3[1].png
PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\profile[2].js
HTML document, ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\profile[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\owaportalgray[1].png
PNG image data, 2319 x 1530, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\outofscopehash[1].png
PNG image data, 640 x 74, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\campaigns[1].htm
HTML document, ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\manualhtml[1].png
PNG image data, 640 x 367, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\icon18_wrench_allbkg[1].png
PNG image data, 18 x 18, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\icon18_edit_allbkg[1].gif
GIF image data, version 89a, 18 x 18
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\generic3portal[1].png
PNG image data, 200 x 158, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\generic2portal[1].png
PNG image data, 200 x 184, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\emailcampaigntemplate[1].png
PNG image data, 400 x 305, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\emailbot[1].png
PNG image data, 640 x 45, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\downloadorhosted[1].png
PNG image data, 640 x 350, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\chalkboard-generator-poster-gone-phishin-4-creds[1].jpg
[TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\cb=gapi[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\Untitled[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\MaskedEmailForm[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\KFOlCnqEu92Fr1MmWUlfBBc-[1].woff
Web Open Font Format, TrueType, length 20356, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\KFOlCnqEu92Fr1MmSU5fBBc-[1].woff
Web Open Font Format, TrueType, length 20348, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f715a46476d58412e706e67[1].png
PNG image data, 1315 x 247, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f6f6e73507946702e706e67[1].png
PNG image data, 2171 x 1827, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f6b753655544e492e706e67[1].png
PNG image data, 980 x 121, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f4f4f30736a44522e706e67[1].png
PNG image data, 3000 x 1247, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f486c59335434472e706e67[1].png
PNG image data, 1161 x 131, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\68747470733a2f2f692e696d6775722e636f6d2f344d44376b71352e706e67[1].png
PNG image data, 1371 x 1091, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\3597120983-css_bundle_v2[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\2895387028-lbx[1].js
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\campaigns[1].htm
HTML document, ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DD5D3536-9D0C-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D75B2E2C-9D0C-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\owaportal[1].png
PNG image data, 200 x 134, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\arrows-black[1].png
PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\TrojanHorse[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\Slack[1].PNG
PNG image data, 640 x 140, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
Web Open Font Format, TrueType, length 20464, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\368954415-lightbox_bundle[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\3257579429-widgets[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\2e1b81dfmyti45t4strx6bmw9[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\2621646369-cmtfp[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\0[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 178x178, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\widgets[1].js
UTF-8 Unicode text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\upsportal[1].png
PNG image data, 200 x 116, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\platform_gapi.iframes.style.common[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D75B2E2A-9D0C-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\navbar[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\linkedinportal[1].png
PNG image data, 200 x 141, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\icons_gray[1].png
PNG image data, 46 x 20, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\hsGEEyaHwCIcN0idAQittEUHZIp2yj5V6V5sGrWbRe8[1].js
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\hank-williams-bucket-finished[1].jpg
[TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\font-awesome.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\favicon[1].ico
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\facebookportal[1].png
PNG image data, 200 x 125, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\cb=gapi[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\canttouchthis[1].png
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\campaigns[2].htm
HTML document, ASCII text
#