IOCReport

loading gif

Files

File Path
Type
Category
Malicious
MGrYFpGLQ7.dll
MS-DOS executable, MZ for MS-DOS
initial sample
malicious
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\www.msn[2].xml
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QALADACS\contextual.media[1].xml
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{97212EC2-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{97212EC4-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{97212EC6-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{97212EC8-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9D2B8B4E-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9D2B8B50-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A40F3351-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A40F3353-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A40F3355-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A40F3357-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ABDA8A67-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ABDA8A69-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ABDA8A6A-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ABDA8A6C-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ABDA8A6E-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B2D93678-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B2D9367B-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B2D9367C-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B2D9367E-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C376A120-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C376A122-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D67A7CCD-1265-11EC-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
modified
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat
data
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\17-361657-68ddb2ab[1].js
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\264bf325-c7e4-4939-8912-2424a7abe532[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\2d-0e97d4-185735b[1].css
UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\52-478955-68ddb2ab[1].js
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAKp8YX[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAMqFmF[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AANT3y4[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames 3
modified
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AANg50h[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AANg9R8[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAOfZRW[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x75, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAOgLtL[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAOgbmq[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAOggwL[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAOguTA[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAuTnto[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AAud6Gv[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BB15AQNm[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames 3
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BB1fdtSt[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BB7hg4[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BB7hjL[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BBK9Hzy[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BBX2afX[2].png
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BBY7ARN[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BBkwUr[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\NewErrorPageTemplate[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\NewErrorPageTemplate[2]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\dnserror[1]
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\dnserror[2]
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\down[1]
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\errorPageStrings[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
dropped
clean