https://download2272.mediafire.com/dee0x8gd9lhg/kfsfaocy6dzql61/Cheque+Copy.7z

Status: finished
Submission Time: 30.06.2020 18:11:04
Malicious
Trojan
Spyware
Evader
AgentTesla

Details

  • Analysis ID: 242352
  • API (Web) ID: 380423
  • Analysis Started: 30.06.2020 18:15:00
  • Analysis Finished: 30.06.2020 18:25:04

System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113

malicious
88/100

malicious
19/72

IPs


Domains


URLs


Dropped files
