https://download2272.mediafire.com/dee0x8gd9lhg/kfsfaocy6dzql61/Cheque+Copy.7z

Status: finished

Submission Time: 2020-06-30 18:11:04 +02:00

Malicious

Trojan

Spyware

Evader

AgentTesla

Comments

Details

Analysis ID:
242352
API (Web) ID:
380423
Analysis Started:

2020-06-30 18:15:00 +02:00
Analysis Finished:

2020-06-30 18:25:04 +02:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 88	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 19/72

IPs

IP	Country	Detection
104.18.74.113	United States
147.75.33.233	Switzerland
104.16.203.237	United States
Click to see the 12 hidden entries
216.58.207.67	United States
104.18.71.113	United States
104.18.26.18	United States
185.60.216.35	Ireland
147.75.33.131	Switzerland
199.91.155.13	United States
147.75.100.245	Switzerland
185.60.216.19	Ireland
66.102.1.156	United States
104.16.51.111	United States
104.16.37.47	United States
77.88.21.158	Russian Federation

Domains

Name	IP	Detection
www.google.co.uk	216.58.207.67
static.hotjar.com	0.0.0.0
script.hotjar.com	0.0.0.0
Click to see the 20 hidden entries
smtp.yandex.com	0.0.0.0
static.zdassets.com	0.0.0.0
vars.hotjar.com	0.0.0.0
stats.g.doubleclick.net	0.0.0.0
theme.zdassets.com	0.0.0.0
connect.facebook.net	0.0.0.0
p14.zdassets.com	0.0.0.0
www.facebook.com	0.0.0.0
d-ipv6.mmapiws.com	104.18.26.18
star-mini.c10r.facebook.com	185.60.216.35
scontent.xx.fbcdn.net	185.60.216.19
device.maxmind.com	104.16.37.47
static.mediafire.com	104.16.203.237
download2272.mediafire.com	199.91.155.13
89ca855a075f1d47c0a490ec8aa47d0c-100.s.section.io	147.75.100.245
cf.zdassets.com	104.18.71.113
smtp.yandex.ru	77.88.21.158
stats.l.doubleclick.net	66.102.1.156
www.mediafire.com	104.16.203.237
mediafire.zendesk.com	104.16.51.111

URLs

Name	Detection
https://twitter.com/share?lang=en&text=How
https://www.mediafire.com/favicon.ico~
http://www.lalit.org/lab/javascript-css-font-detect/
Click to see the 97 hidden entries
https://www.hotjarconsent.com/it.html
https://mediafire.zendesk.com/hc/en-usticket.phpdkey=dee0x8gd9lh&qkey=kfsfaocy6dzql61&ip=84.17.52.80
http://subca.ocsp-certum.com0.
http://knowledgebase.mediafire.com/article.php?id=68#sthash.PV0p4v2D.dpuf
https://mediafire.zendesk.com/knowledge/user_segments?brand_id=362757
https://www.hotjarconsent.com/sq.html
https://www.mediafire.com/upgrade/?promo=1&HFesk.com/hc/en-usRoot
http://www.twitter.com/
https://zenorocha.github.io/clipboard.js
https://www.linkedin.com/shareArticle?mini=true&source=MediaFire&title=How
http://subca.ocsp-certum.com01
http://yandex.crl.certum.pl/ycasha2.crl0
http://www.amazon.com/
https://www.mediafire.com/upgrade/?promo=1&HFesk.com/hc/en-us/articles/206397
https://www.mediafire.com/software/
http://VZD6DtcAL8x7e0S1H.org
http://static.mediafire.com/images/backgrounds/download/download_status/download_new_key.svg
https://www.mediafire.com/upgrade/?promo=1&HFRoot
http://static.mediafire.com/images/icons/dropdown-arrow.png
https://www.zendesk.com/guide/features/knowledge-capture-app/
https://www.hotjarconsent.com/fi.html
https://mediafire.zendesk.com/knowledge/community_badges?brand_id=362757
https://www.mediafire.com/login/
http://static.mediafire.com/images/icons/svg_light/facebook.svg
https://mediafire.zendesk.com/hc/en-us
https://www.mediafire.com/about/HFile
http://yandex.ocsp-responder.com03
https://theme.zdassets.com/theme_assets/760805/a2aa66adf9b3e266ef73d7544d328f2a99e0ef7e.pngw
http://static.mediafire.com/images/icons/logotab.png
https://mediafire.zendesk.com/hc/en-usn
https://www.mediafire.
https://www.certum.pl/CPS0
https://static.hotjar.com/c/hotjar-
http://static.mediafire.com/images/icons/svg_dark/loading_indeterminate.svg
https://www.mediafire.com/upgrade/?promo=1&HFesk.com/hc/en-usrticles/206397
https://www.hotjar.com
https://www.zendesk.com/product/tech-specs/
https://www.mediafire.com/upgrade/?promo=1&et.phpdkey=dee0x8gd9lh&qkey=kfsfaocy6dzql61&ip=84.17.52.8
https://www.mediafire.com/help/submit_a_ticket.php
http://www.nytimes.com/
https://mediafire.zendesk.com/knowledge/import_articles?brand_id=362757
https://vars.h
https://mediafire.zendesk.com/system/photos/0001/9819/3078/10606547_10203695341201362_34208382224667
https://www.hotjarconsent.com/pt_br.html
http://www.mediafire.com/
https://www.mediafire.com/index.phpromo=1&
https://www.mediafire.com/images/logos/mf_logo250x250.png
http://www.mediafire.com/download_repair.php?flag=3&dkey=dee0x8gd9lh&qkey=kfsfaocy6dzql61&ip=84.17.5
http://static.mediafire.com/images/icons/dropdown-arrow-left-white.png
http://www.certum.pl/CPS0
https://www.mediafire.com/upgrade/?promo=1&www.mediafire.com/favicon.ico
https://www.mediafire.cRoot
http://www.reddit.com/
http://static.mediafire.com/images/backgrounds/newMyfiles/smArrow.png
https://mediafire.zendesk.com/admin/billing/subscription
http://static.mediafire.com/images/icons/mysteryman.png
https://stats.g.doubleclick.net/j/collect
http://www.mediafire.com/upgrade
http://static.mediafire.com/images/icons/svg_light/social_icons_sprite.svg
https://mediafire.zendesk.com/hc/en-us/articles/206397938-How-do-I-upload-a-file-to-MediaFire-?mobil
https://mediafire.zendesk.com
https://www.mediafire.com/upgrade/romo=1&b
http://repository.certum.pl/ca.cer09
http://static.mediafire.com/js/master_121571.js
http://dbushell.com/
https://mediafire.zendesk.com/knowledge/search_settings?brand_id=362757
http://www.mediafire.com/images/icons/myfiles/default.png
http://static.mediafire.com/images/icons/ico30/ico30-v9.png
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
https://mediafire.zendesk.com/knowledge/community_settings?brand_id=362757
http://www.mediafire.com/upgrade/
https://www.mediafire.com/index.phpHFile
http://www.mediafire.com/login/
https://www.hotjarconsent.com/zh.html
http://github.com/garycourt/murmurhash-js
https://www.mediafire.com/software/romo=1&h
https://rollbar-us.zendesk.com/api/1/item/
https://www.mediafire.com/upgrade/tps://www.mediafire.com/upgrade/
https://mediafire.zendesk.com/hc/es
http://www.mediafire.com/help/submit_a_ticket.php
http://mediafire.zendesk.com/hc/en-us/articles/206397938
https://www.mediafire.com/index.php
https://www.hotjarconsent.com/el.html
https://www.hotjarconsent.com/
https://www.mediafire.com/upgrade/?promo=1&
https://www.hotjarconsent.com/sv.html
https://www.mediafire.com/HFile
http://mediafire.zendesk.com/
https://www.mediafire.com/m/hc/en-usticket.phpdkey=dee0x8gd9lh&qkey=kfsfaocy6dzql61&ip=84.17.52.80&r
https://www.mediafire.com
http://static.mediafire.com/images/backgrounds/header/mf_logo_u1_full_color.svg
https://mediafire.zendesk.com/knowledge/arrange?brand_id=362757
http://www.mediafire.com/favicon.ico~
http://www.mediafire.c
http://www.mediafire.com
https://www.hotjarconsent.com/fr.html
https://www.hotjarconsent.com/pl.html

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Cheque Copy.exe.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\upload[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\vendors~subscribe-29bf8a0b2929c032b5c063d319a9b8f5[1].js	ASCII text, with very long lines, with no line terminators	#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\upgrade[2].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\upgrade[1].htm	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\undo_2x[1].png	PNG image data, 96 x 96, 8-bit gray+alpha, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\twitter[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\tr[2].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\tr[1].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\tool-mobile[1].png	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 220x125, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\tf_downloads[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\tf_10gb[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\subscribe-7233a65d34ffe885877291083f63f1b2[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\submit_a_ticket[2].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\submit_a_ticket[1].htm	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\styles__ltr[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\style[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\smArrow[1].png	PNG image data, 48 x 12, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\share[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\sdk[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\script[1].js	ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\rucksack_v2[1].png	PNG image data, 300 x 250, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\pf_direct_download[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\mfv4_121571[2].css	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\mfv4_121571[1].css	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\mfv3_121571[1].css	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\api[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\dropdown-arrow[2].png	PNG image data, 7 x 7, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\dropdown-arrow[1].png	PNG image data, 7 x 7, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\dropdown-arrow-up-dark[1].png	PNG image data, 7 x 7, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\download_repair[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\css[1].css	ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\collaborate[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\check_circle_green[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\blank[3].htm	HTML document, ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\blank[2].htm	HTML document, ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\blank[1].htm	HTML document, ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\basic-plan[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\arrow_dropdown[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\mf_logo_u1_full_color_reversed[2].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\answerBot[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\anchor[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\access_color[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\access[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\accDoubleClick[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 115x34, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\a2aa66adf9b3e266ef73d7544d328f2a99e0ef7e[1].png	PNG image data, 16 x 16, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\CM4GVFUI.htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\542578585845936[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\206397938-How-do-I-upload-a-file-to-MediaFire-[1].htm	HTML document, UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\webworker[2].js	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\webworker[1].js	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\accTechCrunch[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 112x16, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\accPCWorld[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 106x25, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\9XACFQLR.htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\542578585845936[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\10606547_10203695341201362_3420838222466724425_n[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 80x60, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\r1ckxmj\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\anchor[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{85DD40C2-BB38-11EA-AAE6-44C1B3FB757B}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7ECE428F-BB38-11EA-AAE6-44C1B3FB757B}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7ECE428D-BB38-11EA-AAE6-44C1B3FB757B}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\ZA21IYDR\www.mediafire[1].xml	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\ZA21IYDR\vars.hotjar[1].xml	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DR4TDOF4\mediafire.zendesk[1].xml	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\4WARGAAR\www.google[1].xml	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\2NWC0UP7\www.mediafire[1].xml	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\fbevents[2].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\mf_logo_u1_full_color[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\memnYaGs126MiZpBA-UFUKWyV9hrIqU[1].woff	Web Open Font Format, TrueType, length 17668, version 1.1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\memnYaGs126MiZpBA-UFUKW-U9hrIqU[1].woff	Web Open Font Format, TrueType, length 17788, version 1.1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\loading_indeterminate[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\lifehacker[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\js[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\jquery.min[1].js	HTML document, UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\info_2x[1].png	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\ico30_reversed-v9[1].png	PNG image data, 2130 x 20, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\hc_enduser-4b38d35086edff015f94f47c24f2657c[1].js	UTF-8 Unicode text, with very long lines, with NEL line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\googlelogo_color_42x16dp[1].png	PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\mf_logo_u1_full_color_reversed[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\fbevents[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\favicon[1].ico	MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 8 bits/pixel	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\entypo-3abe7740fe6a52bc50b230991f869092[1].eot	Embedded OpenType (EOT), entypo family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\dropdown-arrow-left-white[1].png	PNG image data, 7 x 7, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\cross-icon_2x[1].png	PNG image data, 21 x 21, 4-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\cnet[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\close[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\briefcase[1].png	PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\box-469cf41adb11dc78be68c1ae7f9457a4[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\bframe[1].htm	HTML document, ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\api[1].js	ASCII text, with very long lines, with no line terminators	#

https://download2272.mediafire.com/dee0x8gd9lhg/kfsfaocy6dzql61/Cheque+Copy.7z

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

https://download2272.mediafire.com/dee0x8gd9lhg/kfsfaocy6dzql61/Cheque+Copy.7z Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

https://download2272.mediafire.com/dee0x8gd9lhg/kfsfaocy6dzql61/Cheque+Copy.7z