main.dll

Status: finished

Submission Time: 2020-08-17 18:54:47 +02:00

Malicious

Trojan

Evader

IcedID

Comments

Details

Analysis ID:
269501
API (Web) ID:
434217
Analysis Started:

2020-08-18 01:48:40 +02:00
Analysis Finished:

2020-08-18 01:55:46 +02:00
MD5:
4c6baad36c53dd23cadc70afc17039fe
SHA1:
4f93d77f0a775199a20fe78b8bdc5eb96db2515f
SHA256:
5dd46ffb36515bb87100f21b3da62c74a3734782af7dc32f83d51b73d5cdcc51
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 72	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
104.131.33.128	United States
104.244.42.195	United States
151.101.1.44	United States
Click to see the 1 hidden entries
104.20.185.68	United States

Domains

Name	IP	Detection
loadrome.directory	104.131.33.128
www.msn.com	0.0.0.0
corpredirect.intel.com	0.0.0.0
Click to see the 15 hidden entries
cvision.media.net	0.0.0.0
www.intel.ch	0.0.0.0
www.intel.com	0.0.0.0
help.twitter.com	0.0.0.0
web.vortex.data.msn.com	0.0.0.0
img.img-taboola.com	0.0.0.0
srtb.msn.com	0.0.0.0
contextual.media.net	23.54.113.52
www.oracle.com	0.0.0.0
support.oracle.com	0.0.0.0
geolocation.onetrust.com	104.20.185.68
lg3.media.net	23.54.113.52
hblg.media.net	23.54.113.52
s.twitter.com	104.244.42.195
tls13.taboola.map.fastly.net	151.101.1.44

URLs

Name	Detection
https://help.twitter.com/en/glossary
https://help.twitter.com/
http://ocsp.sectigo.com0
Click to see the 97 hidden entries
https://sp.booking.com/index.html?aid=1589774&label=dech-prime-hp-me
https://loadrome.directory/background.png
https://help.twitter.com/managing-your-account
http://www.msn.com/de-ch/homepage/api/modules/fetch"
https://www.skype.com/de
https://onedrive.live.com/?qt=mru;OneDrive-App
https://my.oracle.com
https://help.twitter.com/id
https://help.twitter.com=eU
https://help.twitter.com/ja
https://onedrive.live.com/?wt.mc_id=oo_msn_msnhomepage_header
https://help.twitter.com/it
https://help.twitter.com/en/rules-and-policies#twitter-rules
https://eeho.fa.us2.oraclecloud.com
https://support.oracle.com
https://help.twitter.com/hi
http://www.msn.com/de-ch
https://contextual.media.net/medianet.php?cid=8CU157172&crid=722878611&size=306x271&http
https://www.awin1.com/cread.php?awinmid=11518&awinaffid=696593&clickref=dech-edge-dhp-infopa
https://help.twitter.com/en/managing-your-account#notifications
https://schema.org
https://loadrome.directory/kn7
https://office.live.com/start/Excel.aspx?WT.mc_id=MSN_site;Sway
https://help.twitter.com/en/safety-and-security#sensitive-content
https://tcf.cookiepedia.co.uk
https://help.twitter.com/en/managing-your-account/how-to-add-a-phone-number-to-your-account
https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBI57XIG&prvid=77%2
https://platform.twitter.com/widgets.js
https://help.twitter.com/en/safety-and-security/account-security-tips
https://outlook.com/
https://help.twitter.com/en/rules-and-policies
http://schema.org
https://help.twitter.com/en/using-twitter
https://clk.tradedoubler.com/click?p=220135&a=3064090&url(https://www.lehner-versand.ch/?utm
https://help.twitter.com/en/using-twitter#using-periscope
https://clk.tradedoubler.com/click?p=295926&a=3064090
http://www.twitter.com/
https://twitter.com/intent/follow?user_id=17874544&screen_name=TwitterSupport
https://help.twitter.com/en/safety-and-security#spam-and-fake-accounts
https://careers.twitter.com/en.html
https://www.youtube.com/applesupport
https://twittercommunity.com/
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_QuickNote&auth=1
http://www.amazon.com/
https://twitter.com/logout
https://onedrive.live.com;OneDrive-App
http://www.hotmail.msn.com/pii/ReadOutlookEmail/
https://twitter.com/applesupport
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_Recent&auth=1&wdorigin=msn
https://help.twitter.com/enom4
http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt0#
https://www.msn.com/de-ch/news/other/die-brutalit%c3%a4t-der-polizei-hat-dabei-ein-niveau-erreicht-d
https://www.twitterflightschool.com/sl/382652bc
https://res-a.akamaihd.net/__media__/pics/8000/72/941/fallback1.jpg
https://help.twitter.com/en/using-twitter#adding-content-to-your-tweet
https://help.twitter.com/gu
https://business.twitter.com/en/advertising.html
https://business.twitter.com/en/analytics.html
https://help.twitter.com/fi
https://clkde.tradedoubler.com/click?p=220135&a=3064090&g=24798744
https://autovermietung.msn.com/de-ch/autovermietung
https://help.twitter.com/using-twitter
https://help.twitter.com/fa
https://about.twitter.com/en_us/company.html
https://www.msn.com/de-ch/news/other/eine-verlorene-generation-wegen-corona-das-ist-k%c3%a4se-man-we
https://marketing.twitter.com/na/en/collections.html
https://onedrive.live.com;Fotos
https://s2.go-mpulse.net/boomerang/
https://help.twitter.com/en/managing-your-account#login-and-password
https://help.twitter.com/fr
https://help.twitter.com/en/managing-your-account/notifications-on-mobile-devices
http://searchads.msn.net/.cfm?&&kp=1&
http://www.reddit.com/
https://marketing.twitter.com/na/en/solutions.html
https://fluege.msn.com/de-ch/flugsuche
https://help.twitter.com/he
https://www.skype.com/go/onedrivepromo.download?cm_mmc=MSFT_2390_MSN-com
https://amzn.to/2TTxhNg
https://static.oracle.com/cdn/jet/v6.2.0/default/css/alta/oj-alta-min.css
https://help.twitter.com/en/managing-your-account#verified-accounts
https://help.twitter.com/hr
https://help.twitter.com
https://help.twitter.com/hu
https://sp.booking.com/index.html?aid=1589774&label=travelnavlink
https://help.twitter.com/en/using-twitter/tweeting-gifs-and-pictures
http://www.intel.com/content/www/de/de/homepage.html
https://www.office.com/?omkt=de-ch%26WT.mc_id=MSN_site
https://help.twitter.com/en/twitter-guide
https://business.twitter.com/en/help.html
https://help.twitter.com/en/a-safer-twitter
https://www.wikidata.org/wiki/Q65129345
https://cdn.cms-twdigitalassets.com
https://help.twitter.com/en/rules
http://clkuk.tradedoubler.com/click?p(245744)a(3064090)g(21928104)url(https://store.hp.com/Switzerla
https://dev.twitter.com/
http://jet.us.oracle.com/css/samples/site/demo-alta-site-min.css
https://help.twitter.com/en/managing-your-account

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB184qCE[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 310x166, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\4996b9[1].woff	Web Open Font Format, TrueType, length 45633, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\39ab3103-8560-4a55-bfc4-401f897cf6f2[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames 3	#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\nrrV29328[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\fcmain[1].js	HTML document, ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\e151e5[1].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\de-ch[1].json	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\checksync[2].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\checksync[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BBK9Hzy[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BBIbTiS[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB1kKVy[1].png	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB184rFP[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AA3DGHW[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB184oSE[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB184nvX[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB184niW[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 310x166, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB184m8I[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 310x166, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB184jEg[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB18481d[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB1847lT[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB1846CP[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB183kEq[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB183Q3A[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB18399g[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB184mVT[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\otPcCenter[1].json	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\otFlat[1].json	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\otBannerSdk[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\fcmain[1].js	HTML document, ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\checksync[2].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\checksync[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\a5ea21[1].ico	PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BBnYSFZ[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BBZ3zrM[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BBXXVfm[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BBRUB0d[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB7hjL[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB181KRz[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB184alv[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB18482u[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB183V55[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB183V1t[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB183JOF[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB183IBf[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB183ECL[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB181dlg[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB15AQNm[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB14EN7h[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAuTnto[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1835zV[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1819dN[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 622x368, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1815il[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB16g6qc[1].png	PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB15nooa[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAyuliQ[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\85-0f8009-68ddb2ab[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\58-acd805-185735b[1].css	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\po60zt0\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB183W4N[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 310x166, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BD88C8D7-E12F-11EA-90E0-ECF4BB82F7E0}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BD88C8D6-E12F-11EA-90E0-ECF4BB82F7E0}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{BD88C8D4-E12F-11EA-90E0-ECF4BB82F7E0}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\SDTINV94\contextual.media[1].xml	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\E3E4YBCO\www.msn[1].xml	ASCII text, with no line terminators	#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBVuddh[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\BB15OFL1[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 622x368, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAkqhIf[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\87e5c478-82d7-43e3-8254-594bbfda55c7[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\41-0bee62-68ddb2ab[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\otTCF-ie[1].js	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\medianet[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\jquery-2.1.1.min[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\de-ch[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\auction[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBZOSUK[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBY7ARN[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBX2afX[1].png	PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506	Microsoft Cabinet archive data, 58139 bytes, 1 file	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBUE92F[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBPfCZL[1].png	GIF image data, version 89a, 50 x 50	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBOLLMj[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB7gRE[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB184uMK[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB184rqW[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB184kRW[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1849Zd[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 310x166, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1847L1[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1841S8[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB183zxN[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x250, frames 3	#

main.dll

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

main.dll Options

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Search started

main.dll