5f291381b8e10png.dll

Status: finished
Submission Time: 2020-08-04 13:43:24 +02:00
Malicious
E-Banking Trojan
Trojan
Ursnif

Tags

  • gozi
  • isfb
  • ursnif

Details

  • Analysis ID:
    256787
  • API (Web) ID:
    409103
  • Analysis Started:
    2020-08-04 13:45:42 +02:00
  • Analysis Finished:
    2020-08-04 13:55:09 +02:00
  • MD5:
    db8d72d2685bbd557f5e878124f31525
  • SHA1:
    3047fe75de9b0137b1a2813d25665aa8b51b0efe
  • SHA256:
    34fd926b213a1c5726124dff74dbf69c731f8e823168d17cc1c9448501ed314f
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 76
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs


Domains


URLs


Dropped files
