| Name | 3baadc49c95799d6_centraltable.accdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.accdb |
| Size | 472.0KB |
| Processes | 652 (WINWORD.EXE) |
| Type | Microsoft Access Database |
| MD5 | 9968d551b96c4eac720f0f77b3dac8d1 |
| SHA1 | 40c6502fc0541eb1ebe9c885ddb389c895018024 |
| SHA256 | 3baadc49c95799d633d4925733d690091a3e4323dc78286d2a1aafd153a2a1fe |
| CRC32 | 858DABC0 |
| ssdeep | 384:YGQVmpJujISF+I7ITwuRpkvjbus8NG4mVZO4F/Z:bLJCTL7Kwu0PWGFXZ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | def1c960dccb368c_fsd-{235ec4de-3896-4433-9cef-0f692fb2a083}.fsd |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{235EC4DE-3896-4433-9CEF-0F692FB2A083}.FSD |
| Size | 128.0KB |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | 167142bbf9350031776b432b858d2681 |
| SHA1 | 9ad053f8a32de868b0c689bea60a496dee30fc48 |
| SHA256 | def1c960dccb368c44333d84613639ce514a2cf42e0850e31abe4161741979fe |
| CRC32 | B8027216 |
| ssdeep | 48:I3EEFBuVsbl4sYiJyFMUV7z7mJhdw1K1:KjfumJRBKlPk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b066102429799dc4_~wrs{ab034307-da36-49fc-9139-fee3cc5c54a4}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{AB034307-DA36-49FC-9139-FEE3CC5C54A4}.tmp |
| Size | 1.8KB |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | af0e64454188a062b3c2a7e70376b186 |
| SHA1 | 0dee9a2ba4fa145154f77d96eaf1e637f702af13 |
| SHA256 | b066102429799dc45eb99d10130251672ff12d2c985ec5e5e48441e6d56b423f |
| CRC32 | AB025B2F |
| ssdeep | 12:Fbb2cYd4llakuHrkRGZS81G9q8w8ZCLXBBtP+6:FbbVY+0Jo8LLLXRb |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a3cce0204b61f85d_~$normal.dotm |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
| Size | 162.0B |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | 35173197686f32948a0b0f022f49c8e2 |
| SHA1 | 699c80a1f4f07a5676fd04fcb65d1b2f4823cb35 |
| SHA256 | a3cce0204b61f85d812f5e7a5603d4af8d10289bba68c03fdcbcbf3930299f1e |
| CRC32 | 97A68B3D |
| ssdeep | 3:yW2lWRd3EdW6L7EszJK7aeEcIt8EhmfG:y1lWjOWmYwK7aeu8I |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | eaf9cdc741596275_centraltable.ini |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.ini |
| Size | 36.0B |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | 1f830b53ca33a1207a86ce43177016fa |
| SHA1 | bdf230e1f33afba5c9d5a039986c6505e8b09665 |
| SHA256 | eaf9cdc741596275e106dddcf8aba61240368a8c7b0b58b08f74450d162337ef |
| CRC32 | BA4496DE |
| ssdeep | 3:5NixJlElGUR:WrEcUR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e73d9fab37cd6bf9_centraltable.laccdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.laccdb |
| Size | 128.0B |
| Processes | 652 (WINWORD.EXE) 2240 (MSOSYNC.EXE) |
| Type | data |
| MD5 | 0c2be3153a6602550b658e4bb5f073d5 |
| SHA1 | 3fe515761d3c3744fcb12b10de15e0d94ed36ba9 |
| SHA256 | e73d9fab37cd6bf9f8a66e6de08e8178a7d5b5d7ee7bd314f7a25132b17ec5f8 |
| CRC32 | D05CFEE4 |
| ssdeep | 3:IkFafOkFaV:zQu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4826c0d860af884d_~wrs{be4cdfd2-8279-41d0-b946-07cb50716005}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BE4CDFD2-8279-41D0-B946-07CB50716005}.tmp |
| Size | 1.0KB |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | 5d4d94ee7e06bbb0af9584119797b23a |
| SHA1 | dbb111419c704f116efa8e72471dd83e86e49677 |
| SHA256 | 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1 |
| CRC32 | 23C03491 |
| ssdeep | 3:ol3lYdn:4Wn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 17e2ef7b37219097_~$demo.dotx |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\~$Demo.dotx |
| Size | 162.0B |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | d955956c875d112cf3ac1578b7f708fb |
| SHA1 | 23fcec628ebfc67760a3a3afdf235785766ac126 |
| SHA256 | 17e2ef7b3721909714f3893e8419f47180d64f67fa5df28fc6e8ddc8877e38b3 |
| CRC32 | 2599AA2B |
| ssdeep | 3:yW2lWRd3EdW6L7EszJK7aeEcIt8Ehmd4lll:y1lWjOWmYwK7aeu84l |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 959ce0374e2c447e_fsd-cnry.fsd |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD |
| Size | 128.0KB |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | 8897fca138615198c4b2c7895cdf56a1 |
| SHA1 | 5d551c977b16b19c75b279248f43b0ca49c4b1a7 |
| SHA256 | 959ce0374e2c447edddc2fe691059bc9be264f026813d547fc7ec3382000c057 |
| CRC32 | 4D924885 |
| ssdeep | 48:I33FBBH7umJ6lfup+fEI+GtxhooH9/2sb1Kr3d4Lj4vXv:KVbb5J6lm4MK/R83d4Lj4f |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3c55d4b588c3564d_fsf-{0e1eee64-e8c6-4e2a-9759-63cf07fd8988}.fsf |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF |
| Size | 114.0B |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | 9088fcb42964214344dbfa8eef7275dd |
| SHA1 | a707a53ff7ccde3ee197ad9dc33c5803433ffdd2 |
| SHA256 | 3c55d4b588c3564d442dff8d1a72155afbc233f68154ba7f62fe903f3a3edded |
| CRC32 | EECF2CCE |
| ssdeep | 3:yVlgsRlzSVl8aI47otGlLlXlsVECjl276:yPblzelS4UMlL86g22 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5343bd9875876a4f_fsd-cnry.fsd |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\FSD-CNRY.FSD |
| Size | 128.0KB |
| Processes | 652 (WINWORD.EXE) |
| Type | data |
| MD5 | ed145066700cf2f5e33c2e6ced4308fb |
| SHA1 | e8d2decbf8a3423d4e7858242f06b9d6f3626d87 |
| SHA256 | 5343bd9875876a4f7f248837628e39ad1aeeee539129ac6b056bbb74ef0d4749 |
| CRC32 | 5B7FD7C4 |
| ssdeep | 48:I3mBVZeju7sd8U0ytrIXpSusDSLr3YknyDnNOhkDnNOh:KOneK4d8HkuCSX3fiQgQ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 88454e73f6ff7add_html[1].hta |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\HTML[1].hta |
| Size | 164.6KB |
| Processes | 652 (WINWORD.EXE) |
| Type | HTML document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators |
| MD5 | 983e6b8aa3297cb348097d6df0e51e3a |
| SHA1 | 193a92708b2591397ebc706511f817e3ab069322 |
| SHA256 | 88454e73f6ff7add5733d4925d26d3102df75c0b86a354c7b185475441597fe2 |
| CRC32 | 2EF9B682 |
| ssdeep | 3072:S1QvI2X1Kwu7U1t66r+BBBT1BTQbQOQKQ+QSQHQrQhQ7QxQgQEQNQmQLQ8QyQBQO:SuHFiU68H4V4N4x4f4n4w4L4SQX2eq2E |
| Yara | None matched |
| VirusTotal | Search for analysis |