| Name | 3f547687e9c89f5b_~wrs{27863006-7d21-4dc0-a0a1-b6a3d45fffaa}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{27863006-7D21-4DC0-A0A1-B6A3D45FFFAA}.tmp |
| Size | 39.8KB |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | 95849f8d7a319cc918834a5725b0da7d |
| SHA1 | a648e1a11b4bab9fb0285003baa3b6e46c9e605b |
| SHA256 | 3f547687e9c89f5b9eb9540c1de85410b1abcc4977bd9a87eb3d1c539fe7d342 |
| CRC32 | DE1F3473 |
| ssdeep | 768:WnZiEE39UIsSaLaOv4wjOdawLjr1WdjOYRUS68V9+0aCDj3EEMR1uJ:WnZa3iVSaLaOv4wjOdFPEdjOX8VkrCDN |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b3d510ef04275ca8_excludedictionaryen0409.lex |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex |
| Size | 2.0B |
| Processes | 2552 (WINWORD.EXE) |
| Type | Little-endian UTF-16 Unicode text, with no line terminators |
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| CRC32 | 88F83096 |
| ssdeep | 3:Qn:Qn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c08aabaf1b358795_~$w_recovery_tool_to_help_with_crowdstrike_issue_impacting_windows.docm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\~$w_Recovery_Tool_to_help_with_CrowdStrike_issue_impacting_Windows.docm |
| Size | 162.0B |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | 8eaf2c8f5ea34b3b5c7fa888490d54ba |
| SHA1 | c8325bc276b480f765ea4714b780cae7f4cac778 |
| SHA256 | c08aabaf1b358795aa5e0252a27f12f360803e19a1904233714fd31e6cec214d |
| CRC32 | 3BC40096 |
| ssdeep | 3:yW2lWRdvL7YMlbK7lhZ2nAkcl:y1lWnlxK7Rdk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name |
e3b0c44298fc1c14_cerF56C.tmp
Empty file or file not found
|
|---|---|
| Filepath | C:\Windows\cerF56C.tmp |
| Size | 0.0B |
| Type | empty |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| CRC32 | 00000000 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 818ac9d3621dd802_~$normal.dotm |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
| Size | 162.0B |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | ee32490f318ff4e444547a5f83870e80 |
| SHA1 | 09f2ae32c5f293e2ad8ab9eef34b353b0f27362c |
| SHA256 | 818ac9d3621dd80293562e5769e503579c6e9fe996e67c6145f7984c532d2f9b |
| CRC32 | 1A78502A |
| ssdeep | 3:yW2lWRdvL7YMlbK7lznXl:y1lWnlxK7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4826c0d860af884d_~wrs{bfb6cb33-d795-45a3-83f9-e6d7f4190124}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BFB6CB33-D795-45A3-83F9-E6D7F4190124}.tmp |
| Size | 1.0KB |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | 5d4d94ee7e06bbb0af9584119797b23a |
| SHA1 | dbb111419c704f116efa8e72471dd83e86e49677 |
| SHA256 | 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1 |
| CRC32 | 23C03491 |
| ssdeep | 3:ol3lYdn:4Wn |
| Yara | None matched |
| VirusTotal | Search for analysis |