Source: EXCEL.EXE, 00000001.00000003.476275279.000000000FE23000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488859590.000000000FE23000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467843202.000000000FE23000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462582747.000000000FE23000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419978341.000000000FE23000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.340031882.000000000FE23000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610899653.000000000FE23000.00000004.00000001.sdmp | String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides/O |
Source: EXCEL.EXE, 00000001.00000002.608087011.000000000E08E000.00000004.00000001.sdmp | String found in binary or memory: http://purl.oclc.org/ooxml/drawingml/diagram |
Source: EXCEL.EXE, 00000001.00000002.608049076.000000000E06A000.00000004.00000001.sdmp | String found in binary or memory: http://purl.oclc.org/ooxml/drawingml/tabler |
Source: EXCEL.EXE, 00000001.00000003.469607881.0000000016ABE000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.470048142.000000001690E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.455964384.0000000016B06000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.455940301.0000000016AD6000.00000004.00000001.sdmp | String found in binary or memory: http://schemas.open |
Source: EXCEL.EXE, 00000001.00000003.469607881.0000000016ABE000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.470048142.000000001690E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.455964384.0000000016B06000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.455940301.0000000016AD6000.00000004.00000001.sdmp | String found in binary or memory: http://schemas.openformatrg/package/2006/r |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: http://weather.service.msn.com/data.aspx |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: http://weather.service.msn.com/data.aspxNS |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging1 |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinsinstallation.store.office.com/app/download |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://addinsinstallation.store.office.com/app/downloade |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/authenticated |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/authenticatedB |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalledMBI_SSL_SHORT |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/unauthenticated |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinsinstallation.store.office.com/orgid/appinstall/authenticated |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://addinsinstallation.store.office.com/orgid/appinstall/authenticated6 |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinslicensing.store.office.com/commerce/query |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://addinslicensing.store.office.com/commerce/queryv |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinslicensing.store.office.com/entitlement/query |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/remove |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/query |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://analysis.windows.net/powerbi/api |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://analysis.windows.net/powerbi/apiE |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.aadrm.com |
Source: EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.aadrm.com/ |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.addins.omex.office.net/appinfo/query |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.addins.omex.office.net/appinfo/queryg |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.addins.omex.office.net/appstate/query |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.addins.store.office.com/addinstemplate |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.addins.store.office.com/app/query |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.addins.store.officeppe.com/addinstemplate |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.cortana.ai |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.diagnostics.office.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.diagnostics.office.com?V |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.diagnostics.office.comHV |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://api.diagnostics.office.comhuc |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.diagnosticssdf.office.com |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.microsoftstream.com/api/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.microsoftstream.com/api/nt9H |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.office.net |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.net&s |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.net/s |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.net9rh |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.net=sl |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.netLr |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.netls |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.netyp( |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.office.netzs |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.onedrive.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://api.onedrive.comMBI |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.onedrive.comce |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.powerbi.com/beta/myorg/imports |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groupsu |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://apis.live.net/v5.0/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://apis.live.net/v5.0/S |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://arc.msn.com/v4/api/selection |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/S2 |
Source: EXCEL.EXE | String found in binary or memory: https://augloop.dod.online.office365.us |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://augloop.office.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://augloop.office.com% |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://augloop.office.com/v2 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.470099621.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.340254925.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.291670975.000000000FEA2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488934838.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461355081.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467269536.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.493139849.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490225001.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.475810638.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.491199060.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610983542.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419576881.000000000FEA0000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h |
Source: EXCEL.EXE, 00000001.00000003.488654985.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.475934601.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467719465.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461793870.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.489721327.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610610633.000000000FD75000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://autodiscover-s.outlook.com/ |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xmlW |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cdn.entity. |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://cdn.odc.officeapps.live.c |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.pngOutlookConnectorManifesthttps: |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpselllOh |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsellLiveProfileServicehttps |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://client-office365-tas.msedge.net/ab |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://client-office365-tas.msedge.net/abuc |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://clients.config.office.net/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/4K |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/Bearer |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/https://loguc |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/user/v1.0/android/policieshttps://login.windows.net/common/oauth2/ |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/ios |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/user/v1.0/iosBearer |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/user/v1.0/ioshtt |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/mac |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/user/v1.0/macBearer |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/user/v1.0/machttps://login.windows.net/common/oauth2/authorize |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkeyL |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cloudfiles.onenote.com/upload.aspx |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://config.edge.skype.com |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://config.edge.skype.com/config/v1/Office |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://config.edge.skype.com/config/v2/Office |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://config.edge.skype.com/config/v2/Officeb |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cortana.ai |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cortana.ai/api |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://cortana.ai/api-Y |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://cortana.aiIY |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://cortana.aietl |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://cr.office.com |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dataservice.o365filtering.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.com-L |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dataservice.o365filtering.com/ |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.com/4 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile |
Source: EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.com6L |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.comLL |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.comPI |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.comUV |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dataservice.o365filtering.comxLu |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dev.cortana.ai |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dev.cortana.ai2Y |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/H |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://dev0-api.acompli.net/autodetect |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://devnull.onenote.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://devnull.onenote.comt |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://directory.services. |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://ecs.office.com/config/v2/Office |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/)V |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Refresh/v1 |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1 |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1G |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Search/v1 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/StockHistory/v1 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/ipcheck/v1 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/ |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json# |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtml |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtmlM |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtml |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://enrichment.osi.office.net/https://login.windows.net/common/oauth2/authorizeMBI_SSLhttps://os |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://entitlement.diagnostics.office.com |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://entitlement.diagnosticssdf.office.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://entitlement.diagnosticssdf.office.comq |
Source: EXCEL.EXE | String found in binary or memory: https://entity.osi.office.net/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://entity.osi.office.net/t |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android |
Source: EXCEL.EXE, 00000001.00000003.470099621.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.340254925.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.291670975.000000000FEA2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488934838.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461355081.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467269536.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.493139849.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490225001.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.475810638.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.491199060.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610983542.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419576881.000000000FEA0000.00000004.00000001.sdmp | String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-androidy |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://globaldisco.crm.dynamics.com |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://graph.ppe.windows.net |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://graph.ppe.windows.net/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://graph.ppe.windows.net// |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://graph.windows.net |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://graph.windows.net/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://graph.windows.net/l |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://graph.windows.net/ointZ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://graph.windows.netse |
Source: EXCEL.EXE, 00000001.00000003.526779002.00000000136A7000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611442721.00000000136D7000.00000004.00000001.sdmp | String found in binary or memory: https://greenflag.esp.br/ |
Source: EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419668761.00000000167C6000.00000004.00000001.sdmp | String found in binary or memory: https://greenflag.esp.br/yuINdRbM/tiynh.html |
Source: EXCEL.EXE, 00000001.00000003.324828323.00000000167C6000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418599518.00000000167C6000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419668761.00000000167C6000.00000004.00000001.sdmp | String found in binary or memory: https://greenflag.esp.br/yuINdRbM/tiynh.htmlZd |
Source: EXCEL.EXE, 00000001.00000003.526779002.00000000136A7000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611442721.00000000136D7000.00000004.00000001.sdmp | String found in binary or memory: https://greenflag.esp.br/z |
Source: EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://hubble.officeapps.live.com |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse? |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?B |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1 |
Source: EXCEL.EXE | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1 |
Source: EXCEL.EXE, 00000001.00000003.470099621.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.340254925.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.291670975.000000000FEA2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488934838.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461355081.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467269536.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.493139849.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490225001.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.475810638.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.491199060.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610983542.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419576881.000000000FEA0000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1i |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1 |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1 |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1 |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1 |
Source: EXCEL.EXE, 00000001.00000002.611303760.00000000135FB000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon? |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://incidents.diagnostics.office.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://incidents.diagnostics.office.comH |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://incidents.diagnosticssdf.office.com |
Source: EXCEL.EXE | String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=ImmersiveApp |
Source: EXCEL.EXE, 00000001.00000003.470099621.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.340254925.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.291670975.000000000FEA2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488934838.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461355081.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467269536.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.493139849.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490225001.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.475810638.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.491199060.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610983542.000000000FEA0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419576881.000000000FEA0000.00000004.00000001.sdmp | String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=ImmersiveAppR |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Binguo |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=FlickrYO |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp | String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDriveX2i |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://insertmedia.bing.office.net/odc/insertmediaq |
Source: EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://lifecycle.office.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://lifecycle.office.comP |
Source: EXCEL.EXE, 00000001.00000003.339645774.0000000013881000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339423306.0000000013879000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418797301.0000000013879000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461136291.0000000013879000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.527925109.0000000013879000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611756255.000000001388E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324103805.0000000013879000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.527045226.0000000013879000.00000004.00000001.sdmp | String found in binary or memory: https://login.live.com |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://login.microsoftonline.com/ |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorizeuo |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://login.windows.local |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.localtes |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorizehNd |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://login.windows.net/common/oauth2/authorize |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize%_3 |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize& |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize&Z0 |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize- |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize.S8 |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize7 |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize: |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize; |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize= |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize?S |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeC_ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeD |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeE |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeF |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeG |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeH |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeJ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeK |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeM |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeMf |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeOP |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeR |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeS |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeT |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeU |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeW |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeX |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeY |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeZ |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizea_ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeb |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizec |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizef |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeh |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizei |
Source: EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeize |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizek |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizelQ |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizemP |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizen_ |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizep |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizer |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizes |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizesZ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizeteV |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizex |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorizezP |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://login.windows.net/common/oauth2/authorize~ |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/ |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/W |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1 |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1J |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://management.azure.com |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://management.azure.com/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://management.azure.com/l |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://messaging.office.com/ |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://metadata.templates.cdn.office.net/client/log |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://metadata.templates.cdn.office.net/client/log8 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://ncus.contentsync. |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://ncus.pagecontentsync. |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000002.603652781.0000000002E30000.00000004.00000020.sdmp | String found in binary or memory: https://nexus.officeapps.live.com |
Source: EXCEL.EXE, 00000001.00000002.611303760.00000000135FB000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com/ |
Source: EXCEL.EXE | String found in binary or memory: https://nexus.officeapps.live.com/ne |
Source: EXCEL.EXE, 00000001.00000003.325048483.0000000016780000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com/nete |
Source: EXCEL.EXE | String found in binary or memory: https://nexus.officeapps.live.com/nexus/rules |
Source: EXCEL.EXE, 00000001.00000002.611407310.00000000136A8000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526779002.00000000136A7000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com/nexus/rules?Application=excel.exe&Version=16.0.4954.1000&ClientId= |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.com/nexus/rulesn |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://nexus.officeapps.live.comlatesForWord |
Source: EXCEL.EXE, 00000001.00000002.612479351.0000000016745000.00000004.00000001.sdmp | String found in binary or memory: https://noithat117.vn/ |
Source: EXCEL.EXE, 00000001.00000003.324828323.00000000167C6000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526779002.00000000136A7000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418599518.00000000167C6000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611442721.00000000136D7000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.419668761.00000000167C6000.00000004.00000001.sdmp | String found in binary or memory: https://noithat117.vn/TSh7GBeIR/tiynh.html |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://o365diagnosticsppe-web.cloudapp.net |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://o365diagnosticsppe-web.cloudapp.netW |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://ocos-office365-s2s.msedge.net/ab |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/ |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://officeapps.live.com |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com% |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com) |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com/ |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com3 |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com5 |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com9 |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.com= |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comC |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comG |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comM |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comQ |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comS |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comW |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comX( |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.coma |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.come |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comk |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.como |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://officeapps.live.comu |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://officeci.azurewebsites.net/api/ |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://officesetup.getmicrosoftkey.com |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/ |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/u |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentities |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdatedh |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://onedrive.live.com |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=falseUN |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://onedrive.live.com/embed? |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://onedrive.live.com/embed?i |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://onedrive.live.comed |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://osi.office.net |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://osi.office.netM& |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://osi.office.netjY |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://osi.office.netst |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://otelrules.azureedge.net |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://otelrules.azureedge.netd |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://outlook.office.com |
Source: EXCEL.EXE, 00000001.00000003.488654985.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.475934601.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467719465.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461793870.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.489721327.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610610633.000000000FD75000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://outlook.office.com/ |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid= |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://outlook.office.comX: |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://outlook.office365.com |
Source: EXCEL.EXE, 00000001.00000003.488654985.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.475934601.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467719465.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.461793870.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.489721327.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610610633.000000000FD75000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://outlook.office365.com/ |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json3 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/ |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://pages.store.office.com/review/query |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://pages.store.office.com/webapplandingpage.aspxI |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.jsonMBI_SSLpeople.directory. |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.jsonMBI_SSL_SHORTssl. |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.c |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.b |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/ |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/R |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/qJSL1B |
Source: EXCEL.EXE, 00000001.00000002.611442721.00000000136D7000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/qJSL1BN5V/tiynh.html |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/qJSL1BN5V/tiynh.htmlvn/TSh7GBeIR/tiynh.html |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/qJSL1BNs |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/qJSL1n |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/qJSh |
Source: EXCEL.EXE, 00000001.00000003.462703099.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.612583630.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.418614920.00000000167D2000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.324846454.00000000167D3000.00000004.00000001.sdmp | String found in binary or memory: https://playsis.com.br/qt |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13 |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13db8 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://powerlift-frontdesk.acompli.net |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://powerlift.acompli.net |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect) |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://roaming.edog. |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp | String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.come |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://settings.outlook.com |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://shell.suite.office.com:1443 |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://skyapi.live.net/Activity/ |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://staging.cortana.ai |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://staging.cortana.airlL? |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://storage.live.com/clientlogs/uploadlocation |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://store.office.cn/addinstemplate |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://store.office.de/addinstemplate |
Source: EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com/Todo-Internal.ReadWrite |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://substrate.office.com/search/api/v1/SearchHistory |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://substrate.office.com/search/api/v2/init |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com4: |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.com7 |
Source: EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.comP |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.comR |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.comc: |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://substrate.office.como |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://tasks.office.com |
Source: EXCEL.EXE | String found in binary or memory: https://tellmeservice.osi.office.net |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://tellmeservice.osi.office.netst |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/ |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/I |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html |
Source: 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices |
Source: EXCEL.EXE, 00000001.00000003.527855395.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526977901.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339302511.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611671160.00000000137D0000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325294672.00000000137D0000.00000004.00000001.sdmp | String found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devicesV |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://web.microsoftstream.com/video/ |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/ |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://webshell.suite.office.com |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp | String found in binary or memory: https://webshell.suite.office.comOCSettingsCloudPolicyServiceAndroidUrlhttps://clients.config.office |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://webshell.suite.office.comeH |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios |
Source: EXCEL.EXE, EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://wus2.contentsync. |
Source: EXCEL.EXE, 00000001.00000003.340165432.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.476324827.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.488905407.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.462619600.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.610948124.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.490100931.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.467872426.000000000FE6F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.420012413.000000000FE6F000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://wus2.pagecontentsync. |
Source: EXCEL.EXE, 00000001.00000002.611338171.000000001361A000.00000004.00000001.sdmp, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2 |
Source: EXCEL.EXE, 3638B7F6-A3D7-43B8-AAEC-D8550EE39223.1.dr | String found in binary or memory: https://www.odwebp.svc.ms |
Source: EXCEL.EXE, 00000001.00000003.527794289.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000002.611602960.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.526918525.000000001373F000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.339227200.000000001377E000.00000004.00000001.sdmp, EXCEL.EXE, 00000001.00000003.325087071.0000000013759000.00000004.00000001.sdmp | String found in binary or memory: https://www.odwebp.svc.msomP |