top title background image
flash

my_presentation_82772.vbs

Status: finished
Submission Time: 2020-10-19 22:38:13 +02:00
Malicious
E-Banking Trojan
Trojan
Evader
Ursnif

Comments

Tags

Details

  • Analysis ID:
    300445
  • API (Web) ID:
    495991
  • Analysis Started:
    2020-10-19 22:38:14 +02:00
  • Analysis Finished:
    2020-10-19 23:00:41 +02:00
  • MD5:
    b66f56cfd513d83372e7de96f51105ec
  • SHA1:
    438df445d470c7de2799cb69ec56dffd543cc188
  • SHA256:
    dc861a54aee0656fee07c68772ea9bd07dc9ba10dc40754a1b004a0893dc94b7
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 14/60
malicious
Score: 11/38
malicious
Score: 17/29
malicious

IPs

IP Country Detection
47.241.19.44
United States

Domains

Name IP Detection
api10.laptok.at
47.241.19.44

URLs

Name Detection
http://api10.laptok.at/api1/MdyWX3S0/o_2FoofFF4v98NPn7uRIOuV/BCm66xS4a_/2Bi0zwKFsxgYR8qzA/2WTt6AMYwo
http://api10.laptok.at/api1/jtBw40bwvt54/46EiIvzuc7d/7wgMZB_2B0oBNc/m6rVdfLxJfVo91day1b_2/FPWXN1p9uM
http://api10.laptok.at/api1/jtBw40bwvt54/46EiIvzuc7d/7wgMZB_2B0oBNc/m6rVdfLxJfVo91day1b_2/FPWXN
Click to see the 97 hidden entries
http://api10.laptok.at/api1/O3l2y_2F_2FzEJHzxN/PII7DR7lW/HX3JkArpuWefn5PpuE7i/m1MF9HdKxs2TQUfbPnE/cR
http://api10.laptok.at/api1/MdyWX3S0/o_2FoofFF4v98NPn7uRIOuV/BCm66xS4a_/2Bi0zwKFsxgYR8qzA/2WTt6AMYwoqz/9dXkffzvw8f/33S_2FWp88ZeBd/SDAtt4vr046aUMcSTCgEa/mbbYxnrYMWYsl6Jk/cTmXqe7Uzr2AtEv/QNwIo6JrysixHw6Y3e/2yF4tzrhd/jYQ5Ley6MD7DZlsq1xHk/d2v36NwYj8XJWbxKloP/IjhOf76Fn9Wm75k1Ov5dPH/QMZk22I_2FrRw/3pA2u6q1/TO3z_0A_0DNIuZFdF5IxEuo/Isdl3FNsZN/HW0LqRZcvJZTysDAo/kWyJ7d_2F2eP/nU4f04MEzervczx/pPv
http://https://file://USER.ID%lu.exe/upd
http://uk.search.yahoo.com/
http://google.pchome.com.tw/
http://espanol.search.yahoo.com/
http://www.ozu.es/favicon.ico
http://search.sify.com/
http://openimage.interpark.com/interpark.ico
http://search.yahoo.co.jp/favicon.ico
http://search.ebay.com/
http://www.gmarket.co.kr/
http://www.founder.com.cn/cn/bThe
http://search.nifty.com/
http://www.rambler.ru/favicon.ico
http://list.taobao.com/browse/search_visual.htm?n=15&q=
http://suche.t-online.de/
http://browse.guardian.co.uk/favicon.ico
http://www.pchome.com.tw/favicon.ico
http://busca.buscape.com.br/favicon.ico
http://sads.myspace.com/
http://www.amazon.de/
http://www.ceneo.pl/
http://search.auction.co.kr/
http://www.google.it/
http://www.cjmall.com/
http://search.yahoo.co.jp
http://search.interpark.com/
http://suche.freenet.de/favicon.ico
http://search.seznam.cz/favicon.ico
http://cgi.search.biglobe.ne.jp/
http://www.tesco.com/
http://www.iask.com/
http://search.orange.co.uk/favicon.ico
http://fontfabrik.com
http://www.typography.netD
http://buscador.terra.es/
http://www.target.com/
http://searchresults.news.com.au/
http://auto.search.msn.com/response.asp?MT=
http://cnweb.search.live.com/results.aspx?q=
http://busca.orange.es/
http://www.asharqalawsat.com/
http://images.joins.com/ui_c/fvc_joins.ico
http://search.ebay.it/
http://www.univision.com/
http://www.soso.com/
http://www.google.cz/
http://www.google.si/
http://www.sogou.com/favicon.ico
http://msk.afisha.ru/
http://%s.com
http://www.galapagosdesign.com/DPlease
http://image.excite.co.jp/jp/favicon/lep.ico
http://search.ebay.in/
http://img.shopzilla.com/shopzilla/shopzilla.ico
http://in.search.yahoo.com/
http://rover.ebay.com
http://fr.search.yahoo.com/
http://asp.usatoday.com/
http://www.fontbureau.com/designers
http://www.zhongyicts.com.cn
http://constitution.org/usdeclar.txtC:
http://search.yahoo.com/favicon.ico
http://buscar.ya.com/
http://www3.fnac.com/favicon.ico
http://www.dailymail.co.uk/
http://www.nifty.com/favicon.ico
http://www.rambler.ru/
http://www.mtv.com/
http://search.ebay.de/
http://www.merlin.com.pl/favicon.ico
http://www.mercadolivre.com.br/
http://search.naver.com/favicon.ico
http://search.centrum.cz/
http://search.chol.com/favicon.ico
http://www.priceminister.com/favicon.ico
http://www.ask.com/
http://www.microsofttranslator.com/BVPrev.aspx?ref=IE8Activity
http://busca.igbusca.com.br/
http://search.about.com/
http://kr.search.yahoo.com/
http://buscar.ozu.es/
http://www.clarin.com/favicon.ico
http://search.msn.co.jp/results.aspx?q=
http://www.carterandcone.coml
http://search.daum.net/
http://www.abril.com.br/favicon.ico
http://cgi.search.biglobe.ne.jp/favicon.ico
http://search.hanafos.com/favicon.ico
http://www.google.ru/
http://search.naver.com/
http://it.search.dada.net/favicon.ico
http://www.etmall.com.tw/favicon.ico
http://www.ya.com/favicon.ico
http://search.rediff.com/
http://busca.igbusca.com.br//app/static/images/favicon.ico

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_XboxApp_8wekyb3d8bbwe!Microsoft_XboxApp
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_SnippingTool_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_RecoveryDrive_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_MdSched_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\zn=BV5!!!!!!!!!MKKSkWxpFiles_
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\zn=BV5!!!!!!!!!MKKSkSetLanguageFiles_
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\windows_immersivecontrolpanel_cw5n1h2txyewy!microsoft_windows_immersivecontrolpanel
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\microsoft_windowscommunicationsapps_8wekyb3d8bbwe!microsoft_windowslive_mail
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\microsoft_windowscommunicationsapps_8wekyb3d8bbwe!microsoft_windowslive_calendar
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\https___java_com_help
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\https___java_com_
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_ZuneVideo_8wekyb3d8bbwe!Microsoft_ZuneVideo
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_ZuneMusic_8wekyb3d8bbwe!Microsoft_ZuneMusic
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_WFS_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_Shell_RunDialog
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_SecHealthUI_cw5n1h2txyewy!SecHealthUI
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_RemoteDesktop
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_Photos_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_MediaPlayer32
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_HolographicFirstRun_cw5n1h2txyewy!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_Explorer
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_Cortana_cw5n1h2txyewy!CortanaUI
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_ControlPanel
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Windows_Computer
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_WindowsStore_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_msinfo32_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_Adobe_Acrobat Reader DC_Reader_AcroRd32_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{6D809377-6AF0-444B-8957-A3773F02200E}_Windows NT_Accessories_wordpad_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{6D809377-6AF0-444B-8957-A3773F02200E}_Common Files_Microsoft Shared_Ink_mip_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_services_msc
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_quickassist_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_psr_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_printmanagement_msc
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_osk_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_odbcad32_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_notepad_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_narrator_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_mspaint_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_WindowsSoundRecorder_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_msconfig_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_magnify_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_iscsicpl_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_dfrgui_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_comexp_msc
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_cmd_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_cleanmgr_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_charmap_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_WindowsPowerShell_v1_0_powershell_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_WindowsPowerShell_v1_0_PowerShell_ISE_exe
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_WF_msc
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{BD3F924E-55FB-A1BA-9DE6-B50F9F2460AC}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{BB044BFD-25B7-2FAA-22A8-6371A93E0456}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{923DD477-5846-686B-A659-0FCCD73851A8}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{8ABD94FB-E7D6-84A6-A997-C918EDDE0AE5}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{8AA47365-B2B3-1961-69EB-F866E376B12F}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{67471CB4-015B-F9E9-FE9B-341BFA6FA6BF}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{116229A7-9A3B-2078-DB5F-B5A20811242C}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Chrome
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\RIEPWP7P\www.bing[1].xml
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\XY3VI6XR\2\u7ub78RhrU9TTErmCp9Oo4Mp31A[1].js
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\XY3VI6XR\2\o2eiOtq9nd9ZsD8l_Zk-3xQz2U4[1].js
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\XY3VI6XR\2\nEl6gm6izUrrDobE23TevZhe_fI[1].css
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{C1C6F8AC-40A3-0F5C-146F-65A9DC70BBB4}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\q[1].htm
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\pPv[1].htm
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\EAw[1].htm
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{583AA1A8-124B-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{50A84B6A-124B-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{50A84B68-124B-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{50A84B66-124B-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C82.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7B87.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WER660A.tmp.dmp
Mini DuMP crash report, 16 streams, Mon Oct 19 20:41:27 2020, 0x1205a4 type
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft_MicrosoftOfficeHub
PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_WindowsMaps_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_WindowsFeedbackHub_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_WindowsCamera_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_WindowsCalculator_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_WindowsAlarms_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Print3D_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_PPIProjection_cw5n1h2txyewy!Microsoft_PPIProjection
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_OneConnect_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Office_OneNote_8wekyb3d8bbwe!microsoft_onenoteim
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Office_OUTLOOK_EXE_16
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_MicrosoftStickyNotes_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_MicrosoftSolitaireCollection_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Explorer.EXE_3fbc08d64fa32b482737a7345c16a8f24583d_10665708_138d7fcc\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Microsoft3DViewer_8wekyb3d8bbwe!Microsoft_Microsoft3DViewer
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Messaging_8wekyb3d8bbwe!x27e26f40ye031y48a6yb130yd1f20388991ax
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_MSPaint_8wekyb3d8bbwe!Microsoft_MSPaint
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_InternetExplorer_Default
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_Getstarted_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_GetHelp_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_BingWeather_8wekyb3d8bbwe!App
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{F4DE281A-828F-1F6E-5CBF-B09D699BAD75}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{DAA168DE-4306-C8BC-8C11-B596240BDDED}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Microsoft_AutoGenerated_{C804BBA7-FA5F-CBF7-8B55-2096E5F972CB}
PC bitmap, Windows 98/2000 and newer format, 32 x 32 x 32
#