| Name | 5aa8ffc4da1066dd_xenyl.xlt.url |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\xenyl.xlt.url |
| Size | 67.0B |
| Processes | 1896 (WINWORD.EXE) |
| Type | MS Windows 95 Internet shortcut text (URL=<https://officeproductupdate.com/xenyl.xlt>), ASCII text, with CRLF line terminators |
| MD5 | 915f8ae105c778e9aac18591b1bf9d23 |
| SHA1 | d9b56cc661f73df2fe5a288483901c690f81c7f0 |
| SHA256 | 5aa8ffc4da1066dd5024aade28186e7c3f00a9d313640125d594da76f1cfedd2 |
| CRC32 | 72878BA6 |
| ssdeep | 3:HRAbABGQYm2fiQGAEQpZtASLRovn:HRYFVm4iQGAEQuGovn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 011d87d9764a93f7_officeproductupdate.com.url |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\officeproductupdate.com.url |
| Size | 58.0B |
| Processes | 1896 (WINWORD.EXE) |
| Type | MS Windows 95 Internet shortcut text (URL=<https://officeproductupdate.com/>), ASCII text, with CRLF line terminators |
| MD5 | cf242f62774219ed8bc581509ccbf250 |
| SHA1 | 5b837aff96aaaf8c22f6dcea6a26b016f8ed3852 |
| SHA256 | 011d87d9764a93f7253271413ddee7a04faeb1911c814644e2e838944432cdbd |
| CRC32 | F19A7307 |
| ssdeep | 3:HRAbABGQYm2fiQGAEQpZYvn:HRYFVm4iQGAEQcvn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c4a1c2dc6c7a9f7a_fsd-cnry.fsd |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD |
| Size | 128.0KB |
| Processes | 1896 (WINWORD.EXE) |
| Type | data |
| MD5 | 0c39c80059f6c3f409d1fe5e104dcc5b |
| SHA1 | ca40db0a43fbe95081faf38f56ee1704d9fe66f2 |
| SHA256 | c4a1c2dc6c7a9f7ada4320cb653d92825d6c59c51e2d6a1d7618331dba0b0f21 |
| CRC32 | D678200A |
| ssdeep | 192:RKZ6tmCaft8phjXK76Nb3Lsz7VIIVp6AiNwYbHbHo4UoU2umj9HbHo4UoU2umj:I5TcXjLj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2e4a075ec8d41cc7_~$я руководства в работе.doc |
|---|---|
| Size | 162.0B |
| Type | data |
| MD5 | fb0dcd4b6067f758a297aa626e032553 |
| SHA1 | 1e377093afb326b675c8cbe772e9b10f73498746 |
| SHA256 | 2e4a075ec8d41cc762b754103d64a28f7f49c534139c6897752de93413f10669 |
| CRC32 | 4C912262 |
| ssdeep | 3:yW2lWRdB/SloW6L7+pTK7bVN2HItMNlNYHhF1tl:y1lWFWoWmOTK7/DMNnYHTF |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 001506920bc86bb0_fsd-{a6381347-9d24-4c40-877a-b32500f1916f}.fsd |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{A6381347-9D24-4C40-877A-B32500F1916F}.FSD |
| Size | 128.0KB |
| Processes | 1896 (WINWORD.EXE) |
| Type | data |
| MD5 | 5cc94211c07ea880efc9a2a21e66de34 |
| SHA1 | 2503758f86ffa8b1ea4013016a371f87f325b4ec |
| SHA256 | 001506920bc86bb0f26525690f85ec6e887c06a02088af0ae2898d0df52f2008 |
| CRC32 | 3333D617 |
| ssdeep | 24:I3GRbaM0B3cLMlrSTYTTO4msUmcT1HwMKrkXMGYc/iM7lM7xdDaMnm4zl+eGhQlh:I3NB9ZEp7KOVe3Tn7z7aQlfSpS |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | eaf9cdc741596275_centraltable.ini |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.ini |
| Size | 36.0B |
| Processes | 1896 (WINWORD.EXE) |
| Type | data |
| MD5 | 1f830b53ca33a1207a86ce43177016fa |
| SHA1 | bdf230e1f33afba5c9d5a039986c6505e8b09665 |
| SHA256 | eaf9cdc741596275e106dddcf8aba61240368a8c7b0b58b08f74450d162337ef |
| CRC32 | BA4496DE |
| ssdeep | 3:5NixJlElGUR:WrEcUR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 47b811decc714e02_~$normal.dotm |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
| Size | 162.0B |
| Processes | 1896 (WINWORD.EXE) |
| Type | data |
| MD5 | 437f58cc6078ba2f66da93749a8fff9e |
| SHA1 | 31b595fd8c48b532b9b07f5bb36326dbb9b8eb2b |
| SHA256 | 47b811decc714e026bf09d09b5dd76c40f59ea9b2a1f5211feaf27a3e71d4b1d |
| CRC32 | 917BF162 |
| ssdeep | 3:yW2lWRdB/SloW6L7+pTK7bVN2HItMNlNYHh96n:y1lWFWoWmOTK7/DMNnYHr6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e73d9fab37cd6bf9_centraltable.laccdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.laccdb |
| Size | 128.0B |
| Processes | 1896 (WINWORD.EXE) 292 (MSOSYNC.EXE) |
| Type | data |
| MD5 | 0c2be3153a6602550b658e4bb5f073d5 |
| SHA1 | 3fe515761d3c3744fcb12b10de15e0d94ed36ba9 |
| SHA256 | e73d9fab37cd6bf9f8a66e6de08e8178a7d5b5d7ee7bd314f7a25132b17ec5f8 |
| CRC32 | D05CFEE4 |
| ssdeep | 3:IkFafOkFaV:zQu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 69eb3489582c7598_centraltable.accdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.accdb |
| Size | 472.0KB |
| Processes | 1896 (WINWORD.EXE) |
| Type | Microsoft Access Database |
| MD5 | 80093a060431678f43ee7578ae08a3fe |
| SHA1 | 29a748f3e761f04bc37ff28fbd2938ca91cedae4 |
| SHA256 | 69eb3489582c7598b9a2b2fd2ae249c79ac0ba96c847511e7fbe1da5c29da3ef |
| CRC32 | 4553F459 |
| ssdeep | 384:kGJCwLJrQ11ISFLI7ITRu1F+s/kd5NZYmVZO4F+Z:vJ59rwTs7KRuGbjZl2Z |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8106fe1307089793_xenyl[1].doc |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\xenyl[1].doc |
| Size | 41.0B |
| Processes | 1896 (WINWORD.EXE) |
| Type | Rich Text Format data, version 1, unknown character set |
| MD5 | d20d7446a38b63cc1081e10f3c5f335f |
| SHA1 | b9b464359c31bd745c8e64363791f3edbf40cf1d |
| SHA256 | 8106fe1307089793d8c59a1eb93ee36c644f7859433a3b3cd251df3c07ac1e37 |
| CRC32 | 476EEAB3 |
| ssdeep | 3:gODMRRftwhnArn:Iftwton |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3a1b016995dab2a5_fsf-{0e1eee64-e8c6-4e2a-9759-63cf07fd8988}.fsf |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF |
| Size | 114.0B |
| Processes | 1896 (WINWORD.EXE) |
| Type | data |
| MD5 | ce95a29e2b1559254a27d5eb8fda473e |
| SHA1 | e5f6cc3795df8c7f215342fb6d8b12a654711126 |
| SHA256 | 3a1b016995dab2a50e57919a9a72cb4ee29a3283ffe5eca53fe6a97db538aac4 |
| CRC32 | 467EB829 |
| ssdeep | 3:yVlgsRlzI+KWlD6h38RlCWdIlW4gzq3g276:yPblzBIh8DtSdF3g22 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4826c0d860af884d_~wrs{1a3a6883-ea14-494b-bb37-f5097f05093c}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{1A3A6883-EA14-494B-BB37-F5097F05093C}.tmp |
| Size | 1.0KB |
| Processes | 1896 (WINWORD.EXE) |
| Type | data |
| MD5 | 5d4d94ee7e06bbb0af9584119797b23a |
| SHA1 | dbb111419c704f116efa8e72471dd83e86e49677 |
| SHA256 | 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1 |
| CRC32 | 23C03491 |
| ssdeep | 3:ol3lYdn:4Wn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 42ab9021bbfa801a_fsd-cnry.fsd |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\FSD-CNRY.FSD |
| Size | 128.0KB |
| Processes | 1896 (WINWORD.EXE) |
| Type | data |
| MD5 | b75905c5cf2a17631618665b90b3ef38 |
| SHA1 | 5e7e04541b4ee99527ff262dd4efe1ce27283a67 |
| SHA256 | 42ab9021bbfa801a2533f830081ea318656548574b3fd23d9885589495e85bed |
| CRC32 | 0D320729 |
| ssdeep | 48:I3TBahwkgAjsVjYv2adU/JEbQ6YZazfpQx9SJXS2Pnz0wypr3yMuM2uLog4wXoD4:KtahwQldU/JEbllfz0713v |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7b39a4b3c7a25a32_index.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\index.dat |
| Size | 134.0B |
| Processes | 1896 (WINWORD.EXE) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 5be537fb0d30bf8604259ceddcae00de |
| SHA1 | 57099fd40f025db373a8bb3b226be8be0b99ff76 |
| SHA256 | 7b39a4b3c7a25a32896c3dfc048e84c56de46dbbfd212bc1d616e6ca9837464c |
| CRC32 | 5C53F182 |
| ssdeep | 3:bDuMJlwcXAlWCSPVQpZnS6MWqJHp6rp2mivoJRLK4y:bCkAkpQjSE9Ge9y |
| Yara | None matched |
| VirusTotal | Search for analysis |