| Name | f747ad74c93408ec_3uzfifzw.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\3UZFIFZW.txt |
| Size | 121.0B |
| Processes | 2552 (WINWORD.EXE) |
| Type | ASCII text |
| MD5 | 06aaa1b0ec1934f0624ca8125af68d7b |
| SHA1 | 8e7427e3b29281259368125a378f5dc7a1b21956 |
| SHA256 | f747ad74c93408eceff1193266d504e8884792e532d5246def09e1eac405d1f1 |
| CRC32 | 6F063DC8 |
| ssdeep | 3:YLyAIWRo6KLDtRXMVABAVyKfUQ2btGAE7QVvTPp/n:4yA9e3XVGVWXbt1YA7Px |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 019c4882ab7efc80_~$cument 896885.doc |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\~$cument 896885.doc |
| Size | 162.0B |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | a5b6857b04ed0b356d86dbdb61692b4d |
| SHA1 | c272b909ee24254048994348c82cc362502bc803 |
| SHA256 | 019c4882ab7efc80769fa3ec6c1359bc608738f8a9adf47c96e6a54ba8d600eb |
| CRC32 | 11ABDA8A |
| ssdeep | 3:yW2lWRdvL7YMlbK7lhZK0Uct:y1lWnlxK7Ract |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 96bcec06264976f3_2d85f72862b55c4eadd9e66e06947f3d |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D |
| Size | 1.4KB |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | 0cd2f9e0da1773e9ed864da5e370e74e |
| SHA1 | cabd2a79a1076a31f21d253635cb039d4329a5e8 |
| SHA256 | 96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6 |
| CRC32 | 65E5A5B2 |
| ssdeep | 24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a114d96183f418a8_~wrs{e552cbb9-3515-42f5-8a9e-77a445de2617}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E552CBB9-3515-42F5-8A9E-77A445DE2617}.tmp |
| Size | 1.5KB |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | 902ba74cc36d354d3741fcbf3483d3cc |
| SHA1 | 46aadbceb8ad2becce10e52e98acbe7924b9ff9f |
| SHA256 | a114d96183f418a8d234648a7345dabfdc7c0ba2a978be209dbd8cbab9867ce8 |
| CRC32 | 4C42F7C3 |
| ssdeep | 6:IiiiiiiiiiE/bYflo3dc8++ZYSySkssqA1+tKHyl9:S/XtG+aSpk1j1+tKHyn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5198fa0f5db0645b_~$normal.dotm |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
| Size | 162.0B |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | 8eb7ef27966ff233cf87b14b723ff88a |
| SHA1 | 8c0734adcb7a05ccf6d588c3a11749fd6c902126 |
| SHA256 | 5198fa0f5db0645b75383f7ff4a2a183b1233d88fa1585d3b72289901f4338ae |
| CRC32 | 8D0535B5 |
| ssdeep | 3:yW2lWRdvL7YMlbK7l0:y1lWnlxK7S |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 200819a7dc749285_2d85f72862b55c4eadd9e66e06947f3d |
|---|---|
| Filepath | C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D |
| Size | 192.0B |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | f3d41e9c13fca24545846c0b80d71333 |
| SHA1 | c9a7acebfdae318bf2cb9add81e5f51b60d17d7f |
| SHA256 | 200819a7dc74928549015d1943b0e4a10bc3a73bd7bb0afd18b71f1fdbba2c71 |
| CRC32 | EE043C92 |
| ssdeep | 3:kkFkl31REltfllXlE/HT8k+mvNNX8RolJuRdxLlGB9lQRYwpDdt:kKveT8ONMa8RdWBwRd |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4826c0d860af884d_~wrs{bfb6cb33-d795-45a3-83f9-e6d7f4190124}.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BFB6CB33-D795-45A3-83F9-E6D7F4190124}.tmp |
| Size | 1.0KB |
| Processes | 2552 (WINWORD.EXE) |
| Type | data |
| MD5 | 5d4d94ee7e06bbb0af9584119797b23a |
| SHA1 | dbb111419c704f116efa8e72471dd83e86e49677 |
| SHA256 | 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1 |
| CRC32 | 23C03491 |
| ssdeep | 3:ol3lYdn:4Wn |
| Yara | None matched |
| VirusTotal | Search for analysis |