Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107 |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107: |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8 |
Source: mshta.exe, 00000011.00000003.857700563.00000269D5596000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928374780.00000269D5596000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/ |
Source: mshta.exe, 00000011.00000002.928213340.00000269D5515000.00000004.00000020.sdmp, mshta.exe, 00000011.00000003.857806201.00000269D5515000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/BAOOJC.rtfR |
Source: mshta.exe, 00000011.00000002.928213340.00000269D5515000.00000004.00000020.sdmp, mshta.exe, 00000011.00000003.857806201.00000269D5515000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmothR |
Source: mshta.exe, 00000011.00000002.928213340.00000269D5515000.00000004.00000020.sdmp, mshta.exe, 00000011.00000003.857806201.00000269D5515000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmother |
Source: mshta.exe, 00000011.00000002.928213340.00000269D5515000.00000004.00000020.sdmp, mshta.exe, 00000011.00000003.857806201.00000269D5515000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfu |
Source: mshta.exe, 00000011.00000002.928213340.00000269D5515000.00000004.00000020.sdmp, mshta.exe, 00000011.00000003.857806201.00000269D5515000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuci |
Source: mshta.exe, 00000011.00000002.928213340.00000269D5515000.00000004.00000020.sdmp, mshta.exe, 00000011.00000003.857806201.00000269D5515000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckUWT |
Source: mshta.exe, 00000011.00000002.928213340.00000269D5515000.00000004.00000020.sdmp, mshta.exe, 00000011.00000003.857806201.00000269D5515000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfucke |
Source: mshta.exe, 00000011.00000003.857823332.00000269D552F000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928232600.00000269D552F000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82saSM |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhh(e |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhof |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhor |
Source: mshta.exe, 00000011.00000003.857778956.00000269D54DB000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928170505.00000269D54DB000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhorehf |
Source: mshta.exe, 00000011.00000003.857778956.00000269D54DB000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928170505.00000269D54DB000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhorehf9 |
Source: mshta.exe, 00000011.00000003.857700563.00000269D5596000.00000004.00000001.sdmp, mshta.exe, 00000011.00000003.857778956.00000269D54DB000.00000004.00000001.sdmp, mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhorehf9e |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhorehf9e% |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhorehf9e&- |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhorehf9eM( |
Source: mshta.exe, 00000011.00000003.857778956.00000269D54DB000.00000004.00000001.sdmp | String found in binary or memory: http://157.230.250.107:8080/mfkrmotherfuckeru6y82sasswhorehf9eh |
Source: mshta.exe, 00000011.00000003.857834199.00000269D553C000.00000004.00000001.sdmp, mshta.exe, 00000011.00000002.928246833.00000269D553C000.00000004.00000020.sdmp | String found in binary or memory: http://157.230.250.10e |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides |
Source: EXCEL.EXE, 00000000.00000002.932293689.000000000F7D0000.00000004.00000001.sdmp | String found in binary or memory: http://purl.oclc.org/ooxml/drawingml/diagram |
Source: EXCEL.EXE, 00000000.00000002.930150892.000000000DA06000.00000004.00000001.sdmp | String found in binary or memory: http://purl.oclc.org/ooxml/drawingml/tablew |
Source: EXCEL.EXE, 00000000.00000003.786918474.0000000016269000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787015034.000000001606A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.784409991.0000000016069000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.781717569.00000000161F9000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.781858345.00000000162B1000.00000004.00000001.sdmp | String found in binary or memory: http://schemas.open |
Source: EXCEL.EXE, 00000000.00000003.787015034.000000001606A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.784409991.0000000016069000.00000004.00000001.sdmp | String found in binary or memory: http://schemas.openformatrg/package/2006/content-t |
Source: EXCEL.EXE, 00000000.00000003.786918474.0000000016269000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.781717569.00000000161F9000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.781858345.00000000162B1000.00000004.00000001.sdmp | String found in binary or memory: http://schemas.openformatrg/package/2006/r |
Source: EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: http://weather.service.msn.com/data.aspx |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: http://weather.service.msn.com/data.aspx.0/iosY |
Source: EXCEL.EXE, 00000000.00000002.933761146.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp | String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlog |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinsinstallation.store.office.com/app/download |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://addinsinstallation.store.office.com/app/downloadxD) |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/unauthenticated |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinslicensing.store.office.com/commerce/query |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://addinslicensing.store.office.com/commerce/queryMQ6 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinslicensing.store.office.com/entitlement/query |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/remove |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/removec |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/removey |
Source: EXCEL.EXE, 00000000.00000002.933761146.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/query |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/queryLL4 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://analysis.windows.net/powerbi/api |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://analysis.windows.net/powerbi/api1 |
Source: EXCEL.EXE, 00000000.00000003.662903857.000000001329A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662753926.000000001329A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743595898.00000000132A2000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743076931.000000001329A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659756705.00000000132AB000.00000004.00000001.sdmp | String found in binary or memory: https://analysis.windows.net/powerbi/apiMruMaxLocalItemCount100EnableXL2PBIFullFidelityfalseEnableXL |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://analysis.windows.net/powerbi/apiT |
Source: EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.aadrm.com |
Source: EXCEL.EXE, 00000000.00000002.933997365.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782673322.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662745522.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787123980.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743580229.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807929408.000000001328A000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.aadrm.com/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.aadrm.com6 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.addins.omex.office.net/appinfo/query |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.addins.omex.office.net/appstate/query |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.addins.omex.office.net/appstate/querynt |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.addins.store.office.com/addinstemplate |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.addins.store.office.com/app/query |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.addins.store.officeppe.com/addinstemplate |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.cortana.ai |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.cortana.aip |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.diagnostics.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.diagnostics.office.com= |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.diagnosticssdf.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.diagnosticssdf.office.comU |
Source: EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.microsoftstream.com/api/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.microsoftstream.com/api/nt3 |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.office.net |
Source: EXCEL.EXE, 00000000.00000002.933997365.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782673322.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662745522.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787123980.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743580229.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807929408.000000001328A000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.net2G# |
Source: EXCEL.EXE, 00000000.00000002.933997365.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782673322.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662745522.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787123980.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743580229.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807929408.000000001328A000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.netP |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.netX |
Source: EXCEL.EXE, 00000000.00000002.933997365.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782673322.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662745522.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787123980.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743580229.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807929408.000000001328A000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.netg |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.onedrive.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://api.onedrive.comce |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.powerbi.com/beta/myorg/imports |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets |
Source: EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups( |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://apis.live.net/v5.0/ |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://apis.live.net/v5.0/l |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://arc.msn.com/v4/api/selection |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/ |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://augloop.office.com |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://augloop.office.com/v2 |
Source: EXCEL.EXE, 00000000.00000003.662676214.00000000131FC000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743475425.00000000131FC000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933897142.00000000131FC000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782512692.00000000131FC000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807834828.00000000131FC000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787064629.00000000131FC000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h |
Source: EXCEL.EXE, 00000000.00000002.933997365.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782673322.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662745522.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787123980.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743580229.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807929408.000000001328A000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://autodiscover-s.outlook.com/ |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cdn.entity. |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell6 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://client-office365-tas.msedge.net/ab |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://clients.config.office.net/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/j |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/ios |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/mac |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cloudfiles.onenote.com/upload.aspx |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://config.edge.skype.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://config.edge.skype.com/config/v1/Office |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://config.edge.skype.com/config/v2/Office |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://config.edge.skype.com/config/v2/OfficeH |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cortana.ai |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cortana.ai/api |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://cortana.aiZ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://cortana.aietlB |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://cr.office.com |
Source: EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filter |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dataservice.o365filtering.com |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dataservice.o365filtering.com/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.com/:e |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.com/R |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.comL |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.coma |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.comf |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.compDy |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.comt |
Source: EXCEL.EXE, 00000000.00000002.933748369.0000000013149000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.protection.outl |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dev.cortana.ai |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933748369.0000000013149000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/ |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://dev0-api.acompli.net/autodetect |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://dev0-api.acompli.net/autodetecti |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://devnull.onenote.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://devnull.onenote.com9 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://directory.services. |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://ecs.office.com/config/v2/Office |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://ecs.office.com/config/v2/OfficeX |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/) |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/? |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Refresh/v1 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Search/v1 |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/StockHistory/v1 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/ipcheck/v1 |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtml |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtml |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtmld |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://entitlement.diagnostics.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://entitlement.diagnostics.office.coma |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://entitlement.diagnosticssdf.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://entity.osi.office.net/t |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeechi |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android |
Source: EXCEL.EXE, 00000000.00000002.933545976.0000000013026000.00000004.00000001.sdmp | String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android( |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://globaldisco.crm.dynamics.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://graph.ppe.windows.net |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://graph.ppe.windows.net/ |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://graph.ppe.windows.net/2 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://graph.windows.net |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://graph.windows.net/ |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://graph.windows.net/: |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://graph.windows.net/T |
Source: EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://hubble.officeapps.live.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://hubble.officeapps.live.comG |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://hubble.officeapps.live.comg |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry |
Source: EXCEL.EXE, 00000000.00000002.933587531.0000000013059000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry8 |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse? |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?OU6 |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1 |
Source: EXCEL.EXE, 00000000.00000002.933545976.0000000013026000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1 |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1 |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1 |
Source: EXCEL.EXE, 00000000.00000002.933587531.0000000013059000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon? |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://incidents.diagnostics.office.com |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://incidents.diagnosticssdf.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://incidents.diagnosticssdf.office.comZ |
Source: EXCEL.EXE, 00000000.00000002.933761146.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://inclient.store.office.com/gyro/client |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://inclient.store.office.com/gyro/clientl |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://inclient.store.office.com/gyro/clientstore |
Source: EXCEL.EXE, 00000000.00000002.933545976.0000000013026000.00000004.00000001.sdmp | String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=ImmersiveApp |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing |
Source: EXCEL.EXE, 00000000.00000002.933545976.0000000013026000.00000004.00000001.sdmp | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=BingLt |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook |
Source: EXCEL.EXE, 00000000.00000002.933545976.0000000013026000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933761146.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeechF |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://lifecycle.office.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://lifecycle.office.comP |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://login.microsoftonline.com/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.microsoftonline.com/J |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorizesR |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://login.windows.local |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.localtes/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://login.windows.net/common/oauth2/authorize |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize&6 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize( |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize(R |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize)Q |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize)S |
Source: EXCEL.EXE, 00000000.00000003.801049819.000000000F88C000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787311248.000000000F88C000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.932505798.000000000F88C000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.742840890.000000000F88C000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize018 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize47 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize4V |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize56 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize65 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize7K |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize8Q |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize8S |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize9R |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize:Q |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize;7 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize;V |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize? |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize?R |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeB |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeBR |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeCQ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeCS0 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeG_ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeH5A |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeHT1 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeIK0 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeO6 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeP |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeQR8 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeRSC |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeSR |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeV_? |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeXKA |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize_TF |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeb |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizefic |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeh7 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizehP |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizehV |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeize |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizejT |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizel |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizelR |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizemQ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizemS |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizenR |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeq |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizes |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizexU |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeyT |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize~Q |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://management.azure.com |
Source: EXCEL.EXE, 00000000.00000002.933748369.0000000013149000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://management.azure.com/ |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://management.azure.com/t$ |
Source: EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://messaging.office.com/ |
Source: EXCEL.EXE, 00000000.00000002.933761146.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://metadata.templates.cdn.office.net/client/log |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://metadata.templates.cdn.office.net/client/logLR1 |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://ncus.contentsync. |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://ncus.pagecontentsync. |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com |
Source: EXCEL.EXE, 00000000.00000003.743389311.0000000013161000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com/nexus/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com/nexus/rules18 |
Source: EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com/nexus/rules?Application=excel.exe&Version=16.0.4954.1000&ClientId= |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933761146.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://o365diagnosticsppe-web.cloudapp.net |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://ocos-office365-s2s.msedge.net/ab |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://ocos-office365-s2s.msedge.net/abev |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/U |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.746911179.000000000F932000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.742923018.000000000F8D5000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.784656249.000000000F932000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.932672209.000000000F8D5000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.930238046.000000000DA26000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.742968046.000000000F932000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.784582330.000000000F8D5000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://officeapps.live.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com)l7 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com3l9 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com9cG |
Source: EXCEL.EXE, 00000000.00000002.933545976.0000000013026000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com: |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comK |
Source: EXCEL.EXE, 00000000.00000003.742968046.000000000F932000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comN |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comP6 |
Source: EXCEL.EXE, 00000000.00000002.933545976.0000000013026000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comary |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.commlk |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://officeci.azurewebsites.net/api/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://officeci.azurewebsites.net/api/B |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asksB |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://officesetup.getmicrosoftkey.com |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/Q |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdatedR |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentities |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiest |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated~ |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://onedrive.live.com |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false2 |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://onedrive.live.com/embed? |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://onedrive.live.com/embed?iNam |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://osi.office.net |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://osi.office.netB |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://osi.office.netP |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://osi.office.netS |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://osi.office.netst |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://otelrules.azureedge.net |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://outlook.office.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://outlook.office.com( |
Source: EXCEL.EXE, 00000000.00000002.933997365.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782673322.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662745522.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787123980.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743580229.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807929408.000000001328A000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://outlook.office.com/ |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid= |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://outlook.office.comonf |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://outlook.office365.com |
Source: EXCEL.EXE, 00000000.00000002.933997365.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782673322.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662745522.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787123980.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743580229.000000001328A000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807929408.000000001328A000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://outlook.office365.com/ |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activitiesa_ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.jsonaB |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/r |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook-L |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://pages.store.office.com/review/query |
Source: EXCEL.EXE, 00000000.00000002.933761146.0000000013153000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782387248.0000000013153000.00000004.00000001.sdmp | String found in binary or memory: https://pages.store.office.com/webapplanding |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp | String found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptionspBj |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://portal.office.com/account/?ref=ClientMeControlA |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13 |
Source: EXCEL.EXE, 00000000.00000003.787102445.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807889222.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662721741.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.933958853.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782581219.000000001325D000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743536985.000000001325D000.00000004.00000001.sdmp | String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-132 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://powerlift-frontdesk.acompli.net |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://powerlift.acompli.net |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-iosS |
Source: EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp | String found in binary or memory: https://pptOSI.D |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://roaming.edog. |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.comRQ; |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp | String found in binary or memory: https://rr.offic |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://settings.outlook.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://settings.outlook.comS_ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://shell.suite.office.com:1443 |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://skyapi.live.net/Activity/ |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work=3 |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://staging.cortana.ai |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://staging.cortana.airl |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://staging.cortana.airlq |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://storage.live.com/clientlogs/uploadlocation |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://store.office.cn/addinstemplate |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://store.office.de/addinstemplate |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com# |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com% |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com/Todo-Internal.ReadWrite |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://substrate.office.com/search/api/v1/SearchHistory |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://substrate.office.com/search/api/v2/init |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com9 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.comF |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.comP |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.comb |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://tasks.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://tellmeservice.osi.office.netst |
Source: 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp | String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/1G |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782352963.000000001314F000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://web.microsoftstream.com/video/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/ |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://webshell.suite.office.com |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios |
Source: EXCEL.EXE, 00000000.00000003.743103190.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.783535399.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.659767884.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000002.934053961.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662772379.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662921296.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782794397.00000000132C8000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.663064420.00000000132C8000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://wus2.contentsync. |
Source: EXCEL.EXE, 00000000.00000002.933931227.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.782557094.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.807864897.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.662707230.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.787086454.0000000013235000.00000004.00000001.sdmp, EXCEL.EXE, 00000000.00000003.743519317.0000000013235000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://wus2.pagecontentsync. |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2 |
Source: EXCEL.EXE, 00000000.00000002.933601808.0000000013067000.00000004.00000001.sdmp, 7065FF96-0F32-40B3-B28E-F452FBC97932.0.dr | String found in binary or memory: https://www.odwebp.svc.ms |