| Name | 57cfa30bb860b95b_84fb0b56.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\84FB0B56.dat |
| Size | 52.0B |
| Processes | 1108 (WINWORD.EXE) |
| Type | Targa image data - Map - RLE 5 x 65536 x 0 "\004" |
| MD5 | 07ffeff17a8a1a1209ab3c2690d569d4 |
| SHA1 | 37cb513fabddcdbbaa2e7296b31a4bc9832e1b01 |
| SHA256 | 57cfa30bb860b95b7012ed62427025959b671d270aaf67fc406fbc3c4f3c48d4 |
| CRC32 | 898B0AFD |
| ssdeep | 3:Vm1olpUktK0Xg/lrll0:MW6kK0XgtI |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 52daabeb35ba0789_~$normal.dotm |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
| Size | 162.0B |
| Processes | 1108 (WINWORD.EXE) |
| Type | data |
| MD5 | f0737e8de4bb679b27fc1d36fcad0d2c |
| SHA1 | 777b2a49e05c0587a2253b874f65728c482fe2c6 |
| SHA256 | 52daabeb35ba07892775bda32cf8c4aabee4bc0201a8489a744c5f5b94013ccf |
| CRC32 | 84EE95CF |
| ssdeep | 3:yW2lWRdvL7YMlbK7lAll:y1lWnlxK7u |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b3d510ef04275ca8_excludedictionaryen0409.lex |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex |
| Size | 2.0B |
| Processes | 1108 (WINWORD.EXE) |
| Type | Little-endian UTF-16 Unicode text, with no line terminators |
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| CRC32 | 88F83096 |
| ssdeep | 3:Qn:Qn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7bd40c5357b81112_~$p description.docx |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\~$p description.docx |
| Size | 162.0B |
| Processes | 1108 (WINWORD.EXE) |
| Type | data |
| MD5 | dfda74a77f154b3c492b012ca0986d9c |
| SHA1 | 0ffa0e086d4405abe141fcbf296dccbd7c73eb6f |
| SHA256 | 7bd40c5357b81112e81fc1b13e11ede2e47c1a221f149b457c8bb0d0858b41ac |
| CRC32 | 06E8E99E |
| ssdeep | 3:yW2lWRdvL7YMlbK7lZunNWJkv/l:y1lWnlxK73tkX |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a937ce47ec268ee2_~wrs{dc5d6f33-c5be-4507-9e4f-708e61d53fe3}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DC5D6F33-C5BE-4507-9E4F-708E61D53FE3}.tmp |
| Size | 4.1KB |
| Processes | 1108 (WINWORD.EXE) |
| Type | data |
| MD5 | 5f8afc2a1a892d4faed796e0ba71074b |
| SHA1 | 4cf7071a3326320e875a1cc26863cecea9bd2e70 |
| SHA256 | a937ce47ec268ee25fe07199da88bb404e3b9945126b5c5244b6a2d03a567640 |
| CRC32 | 11FD3E1B |
| ssdeep | 96:4xsxFsCAMj58jIsfdM+BECTFnLNSjBTQ1oLM:plAA5wItgSE1oLM |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4826c0d860af884d_~wrs{49f0111d-868e-4fa0-b0e0-7477ab9be03f}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{49F0111D-868E-4FA0-B0E0-7477AB9BE03F}.tmp |
| Size | 1.0KB |
| Processes | 1108 (WINWORD.EXE) |
| Type | data |
| MD5 | 5d4d94ee7e06bbb0af9584119797b23a |
| SHA1 | dbb111419c704f116efa8e72471dd83e86e49677 |
| SHA256 | 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1 |
| CRC32 | 23C03491 |
| ssdeep | 3:ol3lYdn:4Wn |
| Yara | None matched |
| VirusTotal | Search for analysis |