Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
cancellation.one
|
data
|
initial sample
|
||
|
C:\Users\eyup\AppData\Local\Microsoft\Office\16.0\onenote.exe_Rules.xml
|
XML 1.0 document, ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\eyup\AppData\Local\Microsoft\Office\OTele\onenote.exe.db
|
SQLite 3.x database, last written using SQLite version 3023002, writer version 2, read version 2, file counter 2, database
pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
|
dropped
|
||
|
C:\Users\eyup\AppData\Local\Microsoft\Office\OTele\onenote.exe.db-shm
|
data
|
dropped
|
||
|
C:\Users\eyup\AppData\Local\Microsoft\Office\OTele\onenote.exe.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\eyup\AppData\Local\Microsoft\OneNote\16.0\cache\header
|
Matlab v4 mat-file (little endian) , numeric, rows 1020487318, columns 0
|
dropped
|
||
|
C:\Users\eyup\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1bc9bbbe61f14501.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\eyup\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\7PWLWPSW8J08303KX079.temp
|
data
|
dropped
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
52.113.194.132
|
unknown
|
United States
|
||
|
52.109.13.64
|
unknown
|
United States
|