Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
VM From (937) 669-5620 On Tue March 21 2023.msg
|
CDFV2 Microsoft Outlook Message
|
initial sample
|
 |
|
|
C:\Users\alfredo\AppData\Local\Microsoft\FORMS\FRMDATA64.DAT
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\MJCCDA3Z\?? voice020320231-1_2 (002).htm:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\MJCCDA3Z\?? voice020320231-1_2.htm
|
HTML document, ASCII text, with very long lines (65491), with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_13929_20386-20230321T0622590045-6600.etl
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Users\alfredo\Documents\Outlook Files\Outlook Data File - NoEmail.pst
|
data
|
dropped
|
||
|
Chrome Cache Entry: 119
|
ASCII text, with very long lines (1993)
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
ASCII text, with very long lines (48664)
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
ASCII text, with very long lines (32012)
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with very long lines (60130)
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
ASCII text, with very long lines (32061)
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
ASCII text, with very long lines (26500)
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
ASCII text, with very long lines (19015)
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
ASCII text, with very long lines (10594)
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
ASCII text, with very long lines (32065)
|
downloaded
|
There are 11 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/alfredo/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/MJCCDA3Z/%E2%98%8E%EF%B8%8F%20voice020320231-1_2.htm#De8I7ldDVcQPzOZv5aKslOaTD0clGWhL05o2MOLPQHbd2USsywLu9tfBJHoJ5HhIZ9R2dyU0k8tbYb9kjimP7E1imnHHNf7S8cvXFGWlJMfMtn3I3LcpsEH2efmezVAKd5bslUT5UjerHfAMDdetvA7e1Y94r9mIP9PLBludJS2pithsfdfO3DT8uQNZkgetImpTEWa8NHUmS39gaLjxZoRKhzkOOX961eOtCiSP44lXySYGW6U5CWwBdbZ7LxNlFIxlci9rKUqkchuvP87nrQx32uT4hmLlOIT1dgFFrYJe=enquiries@healthtranslationsa.org.au
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jsdelivr.map.fastly.net
|
151.101.1.229
|
||
|
tinyurl.com
|
172.67.1.225
|
||
|
accounts.google.com
|
216.58.212.141
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
mycustomerconnect.com
|
54.68.60.236
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
||
|
www.google.com
|
172.217.18.4
|
||
|
part-0017.t-0009.fdv2-t-msedge.net
|
13.107.238.45
|
||
|
clients.l.google.com
|
142.250.185.174
|
||
|
clients2.google.com
|
unknown
|
||
|
ka-f.fontawesome.com
|
unknown
|
||
|
code.jquery.com
|
unknown
|
||
|
tquip.mycustomerconnect.com
|
unknown
|
||
|
cdn.jsdelivr.net
|
unknown
|
||
|
kit.fontawesome.com
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
142.250.186.170
|
unknown
|
United States
|
||
|
52.109.88.193
|
unknown
|
United States
|
||
|
142.250.185.227
|
unknown
|
United States
|
||
|
172.64.169.22
|
unknown
|
United States
|
||
|
13.107.238.45
|
part-0017.t-0009.fdv2-t-msedge.net
|
United States
|
||
|
69.16.175.10
|
unknown
|
United States
|
||
|
142.250.186.132
|
unknown
|
United States
|
||
|
142.250.184.227
|
unknown
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
151.101.1.229
|
jsdelivr.map.fastly.net
|
United States
|
||
|
142.250.185.67
|
unknown
|
United States
|
||
|
34.104.35.123
|
unknown
|
United States
|
||
|
54.68.60.236
|
mycustomerconnect.com
|
United States
|
||
|
172.67.1.225
|
tinyurl.com
|
United States
|
||
|
142.250.185.138
|
unknown
|
United States
|
||
|
142.250.185.174
|
clients.l.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
52.109.8.45
|
unknown
|
United States
|
||
|
192.229.221.95
|
unknown
|
United States
|
||
|
216.58.212.141
|
accounts.google.com
|
United States
|
||
|
104.18.22.52
|
unknown
|
United States
|
||
|
52.109.76.141
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 14 hidden IPs, click here to show them.