5280edad...d81e | Files
Logo
Try VMRay Analyzer
VTI SCORE: 93/100
Dynamic Analysis Report
Classification: Riskware, Wiper, Pua, Ransomware

5280edad1dcecca9b0542556a775961bc620c31a06f2fe6383792a6f300ed81e (SHA256)

winhost.exe

Windows Exe (x86-32)

Created at 2019-01-19 11:52:00

...

Notifications (2/5)

Some extracted files may be missing in the report since the total file extraction size limit was reached during the analysis. You can increase the limit in the configuration settings.

Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

Code overwrite was observed during this analysis. Note that the analysis results may be affected by this modification by the sample.

The operating system was rebooted during the analysis.

Remarks

Some extracted files may be missing in the report since the total file extraction size limit was reached during the analysis. You can increase the limit in the configuration settings.

Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

Filters:
Filename Category Type Severity Actions
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\winhost.exe Sample File Binary
Suspicious
...
»
Also Known As C:\Windows\System32\winhost.exe (Created File)
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winhost.exe (Created File)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\winhost.exe (Created File)
Mime Type application/x-dosexec
File Size 1.94 MB
MD5 0abf20f96310971d6d283016da547225 Copy to Clipboard
SHA1 e2d317eca0ce8767ed73bef5e05d233c28f47d95 Copy to Clipboard
SHA256 5280edad1dcecca9b0542556a775961bc620c31a06f2fe6383792a6f300ed81e Copy to Clipboard
SSDeep 49152:s6oJh3BEs5tKQoRffT2r5b3Mx+fqheqVlwLeY/iGNNC:sj/3BEs+nqr132GqheIwLUG2 Copy to Clipboard
ImpHash 2eabe9054cad5152567f0699947a2c5b Copy to Clipboard
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
File Reputation Information
»
Severity
Suspicious
First Seen 2019-01-19 10:06 (UTC+1)
Last Seen 2019-01-19 10:28 (UTC+1)
Names Win32.PUA.Agen
Families Agen
Classification Pua
PE Information
»
Image Base 0x400000
Entry Point 0x8fb000
Size Of Code 0x56c00
Size Of Initialized Data 0x35e00
File Type executable
Subsystem windows_gui
Machine Type i386
Compile Timestamp 1992-01-27 00:38:55+00:00
Sections (6)
»
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
0x401000 0x6e000 0x30000 0x1000 cnt_initialized_data, mem_execute, mem_read, mem_write 7.98
.rsrc 0x46f000 0x22dd8 0x19e00 0x31000 cnt_initialized_data, mem_read, mem_write 7.87
.idata 0x492000 0x1000 0x200 0x4ae00 cnt_initialized_data, mem_read, mem_write 1.14
0x493000 0x2c2000 0x200 0x4b000 cnt_initialized_data, mem_execute, mem_read, mem_write 0.26
iirxahhx 0x755000 0x1a6000 0x1a5800 0x4b200 cnt_initialized_data, mem_execute, mem_read, mem_write 7.95
qwkkawqz 0x8fb000 0x1000 0x600 0x1f0a00 cnt_initialized_data, mem_execute, mem_read, mem_write 7.03
Imports (1)
»
kernel32.dll (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
lstrcpy 0x0 0x49203e 0x92036 0x4ae36 0x0
Icons (1)
»
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.44 KB
MD5 89e33df2af84c61c5520b6968d44cf09 Copy to Clipboard
SHA1 5cc5c5f653f17ef6c7b94f19950abff28f53a118 Copy to Clipboard
SHA256 52add4d6153cb3bd1b8baccdfd02158bf2a35b4ae8a714f9d978ca8e9d3bc625 Copy to Clipboard
SSDeep 24:6L1DW2YeoOJxSKKJkCBAcMH3C/FgyfpyFp5DTC9QoFioZorHCekkRp+uu:6L1DWRe7JVXXCa8pej5SPu7CekkRRu Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.80 KB
MD5 30701f1c8ebc43cd2c20a821fb084dfd Copy to Clipboard
SHA1 1a3ddb78291466ffd03520dd980228aa366969de Copy to Clipboard
SHA256 0216dcdec769ad0d698e7075278dcd4fe0f79e4f10562f3881f19708273464d0 Copy to Clipboard
SSDeep 48:sjkeuB92WraQD5fc3ir6nwzCWcLcONXo3olPpZRRq:shujVrhd6ie+CWc7NXo3ypZRk Copy to Clipboard
C:\Boot\BOOTSTAT.DAT.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 64.25 KB
MD5 3c97ae64ad4640e89fd205b61fa516d1 Copy to Clipboard
SHA1 06e29cc1e5e57fb4d98ef65081ab36bf1ff029a2 Copy to Clipboard
SHA256 1d7be6daf2aa4b94a8ba25cd132380c2dc2532ce89a305f872de19af62b5163f Copy to Clipboard
SSDeep 1536:FVrVOqNTw0KfeBewE2eSlKQ8s67BN0QqiUxFrssJuRNchgV2esFn9j:lNTw0h2BPQ8s24p4wPJx Copy to Clipboard
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 a1e5c3c13b5e48ad3220f13a4786473d Copy to Clipboard
SHA1 ce14d885ac6465150410160e2dc7cadde58b52ff Copy to Clipboard
SHA256 d2d1f23249adebbc22cdb733695d64865504f7f301fc1a73284a42cdbb4cc896 Copy to Clipboard
SSDeep 96:R4/ggy1fosCqVmjJfeUydoNTTXoE1B8WvMYP8Fk39TtkJ7/oyRi:R4/gxfIqPdoF71BbvMOr39ujoSi Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 a5c78836ab7a6231097b60ea73974181 Copy to Clipboard
SHA1 d8be07bc909cfe56a766ce1bf6be116097abae50 Copy to Clipboard
SHA256 bb7cdb5a6f68e642911ff6962368b8472c4192dd011836cb87b34f37bc257f60 Copy to Clipboard
SSDeep 48:sZ/BCQAkjnWWn5jcI8vmvdXpKdcgFiuj8ERRq:sdqdWn5fQmvNAdFQvERk Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 052b4a3aaf24e1879297e0f1408c7662 Copy to Clipboard
SHA1 ccf2d2087988828f8117c27f1ec3ccaf4b5b926d Copy to Clipboard
SHA256 6c23fd16b44e1eefdf52ac7ad99a1fc46a9b4b3e77c6643dd26d1ad79a2d1021 Copy to Clipboard
SSDeep 196608:Vf1gRyjQR9g8YYIcjfXontQdQGzFZaGkGdN7p06H1JX/WanfW/OIV0h:V1WbR9YY5AJGBZWGRz1kaza0h Copy to Clipboard
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.65 KB
MD5 e8c9c8052936b3772f89579f36f83d7a Copy to Clipboard
SHA1 62021c0d6a4dd1ae0968057cd9c6c520cdf876f4 Copy to Clipboard
SHA256 f0258434b2928ab607f4f7385689a162ec0f4154a64bc5b676c42651581b0382 Copy to Clipboard
SSDeep 48:TakfTiazh1tjP+2f7KB3hbTv7odRJhRRq:PfhzndP5f7Kxm9hRk Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.99 KB
MD5 1570aa80bf2f2cfd090ea4993daff6af Copy to Clipboard
SHA1 2d8d5205f9a6b9b98fa65e35a0acbe02f5fa290a Copy to Clipboard
SHA256 11e3cb0388dedb43eb9c98875920629fff6fa5195e7e7fdc8bfa2005ad3a5fa5 Copy to Clipboard
SSDeep 48:LoYpqP78jUPw7pTMrZWYvJLA7uz84eSmZHkR3gRiGDexRRm:LoYpA78KwNSW4l4w8Gmi3gORg Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.55 KB
MD5 797781486f856d8da6aab48155b400fb Copy to Clipboard
SHA1 a272a020e4c2a6552f8ec50c2e971c0a301f5f2f Copy to Clipboard
SHA256 7b43b6c37af1f54fb44b529091c22c3bf98f53910e291fb9a74b0712fb7c0fa8 Copy to Clipboard
SSDeep 48:FufGyn6oAp4HxKlQlWVkLQTtsjBeg0rRRq:FufGyngwKlNGkTtsVhURk Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PptLR.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 6b078cbccbab0d5edeaa1d85f11ba58a Copy to Clipboard
SHA1 66820f091ea72f244d2d2019748cbda0b7b9702d Copy to Clipboard
SHA256 7597007b7fd82fa6fc079ad255cc80561c20be4bc515df7968b4b0e377292774 Copy to Clipboard
SSDeep 196608:H4KKCX5FvaeoDcBdxmOJR7nxOKOmE7dzaNQwr:H4KKCX5FvaVczxmUJnYSE7dzAT Copy to Clipboard
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 30.60 KB
MD5 12c303f44ae7eca9b187a4a15e6b3959 Copy to Clipboard
SHA1 d960bb494a1bb0c8438b89e46d4e32cf5cdbc55a Copy to Clipboard
SHA256 0ae8dedffb22b76aa7bf2ebda8d677de92bbde9be4cd25272a2802b84655fdc8 Copy to Clipboard
SSDeep 768:RL+EmssbpmfKqlXEw2cf28BMDK9NrBIZp8sS0:4EmtPq9k86d8q Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 69.80 KB
MD5 78dd9d4760f5cfb8647a0922e4b29779 Copy to Clipboard
SHA1 91777171ef6d9cbd8818d4f3d0c577cfcf9e3e79 Copy to Clipboard
SHA256 7bcac030fd6e436d999c021fc3bca5cedaafe91b2af6f2c31d67b005f72bcf82 Copy to Clipboard
SSDeep 1536:5KTZDpXBbb/tRXq4mtptat2XInVlyEM/D+80Mg8ggv7gNBGFad1NySw/Co6x:5KTJpR/tR6LI1nryEM/DV0MggvENBmaT Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\branding.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 582.61 KB
MD5 0cb18785332d67ed751528a7dc94b4d4 Copy to Clipboard
SHA1 9a3cb4e07d9d6951f34192291844170384f13e69 Copy to Clipboard
SHA256 30e263c66fe3cc8c6c4e94c447aaf5a88702e5c72cd589d01d2a49b620180a37 Copy to Clipboard
SSDeep 12288:H6NyoOWkUR1+n+N/D7KojJpGOT9rNdsSYebBnnBWDHZGfhMec9vX:H6NVOW9GUXQU9rfLYe9nnBWrZyUP Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 26.79 KB
MD5 cff168db7198ea359bcd5104e7cbb5ec Copy to Clipboard
SHA1 04c48ec5ac547805ff5e7d9913a957d0d8f26879 Copy to Clipboard
SHA256 e033a7cae8e323ce33f5bd380d5bfed5c8652f168ac6bc618f845779be940f80 Copy to Clipboard
SSDeep 768:ZYjtIFoxqQxXbJWnGjNlFehhIyIWKVX19Xbl2:IIuEQxXbJW5hKLnd0 Copy to Clipboard
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 f856b24cbc51a742e13e92a42b70f08f Copy to Clipboard
SHA1 dea01942518e7a46ba2b4bcaacd17cce7cefd9bd Copy to Clipboard
SHA256 c3ea8fdce2f7569f3e3162c1389374b713b4232803c9977ea6c1996fc689ce61 Copy to Clipboard
SSDeep 96:sd07Wp78I863F9MDr2/oZFhaGxEEZF6J0FxXJoomruBSkjx/9skzgih8VRi:sd00kDr2MIqnfA0FIomrMPskzgsQi Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 2.54 KB
MD5 6019498e041a8c3e9c83c2cf90e968fa Copy to Clipboard
SHA1 a129888ebcf54d54fdec80d520d0301d75f5dda1 Copy to Clipboard
SHA256 657a9e4ea586782335853578a148a5dfc61173958a20a1ab1922a7d91a738445 Copy to Clipboard
SSDeep 48:2/c2mlFzsqGaOKiyAfCJz8xMgiLAUUeahwokRwJ7G/QlvMEHzodnxeMRRq:uKjmoz8i709kCJ74QlvMEEdxvRk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 14.94 KB
MD5 cf21f6c976ff64d7ca47c8362c7f620a Copy to Clipboard
SHA1 8dd8e46e6bfea6fb069cf3e4581f05a962e6415c Copy to Clipboard
SHA256 6971e26e603c593af4cabf722b078965ddfbf9b83ab659255eb099f636868a0d Copy to Clipboard
SSDeep 384:kwICJ30o4itqLJ+YVC0fjfWXzpIJPK3f8F9FNdiXU8RfCS:kwBp0IQV+x0L+XNgPKEFNdikUL Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 848.75 KB
MD5 8f8d89567b93ca369a50daf0b2c834b1 Copy to Clipboard
SHA1 306f7581f38e5278e2f74d28be8dc664003ed8e2 Copy to Clipboard
SHA256 7bc3a8f2ff933dd3ca228768f76f9e2cb9802f25ecb0884a1cedec9be4b446fe Copy to Clipboard
SSDeep 24576:JKFhlG/CZp1t7eIk1vX2ozUV6d9zfSq9RmLPLvkzza5MoQ:oFi/CZpQcU9equcfRoQ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\branding.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Query Error
...
»
Mime Type application/octet-stream
File Size 582.61 KB
MD5 710037f0e7730110069840e5f3ed8d74 Copy to Clipboard
SHA1 91dfc4357ec413ac0b157839f6cd0bf16fb19d8c Copy to Clipboard
SHA256 7ec2d534c6e10e9fe6de560b9ae7a1e6b1d039ddd5da9747d731815a09e2d1f2 Copy to Clipboard
SSDeep 12288:yZhcfiLiD7QyciZUQLyD+ygKE/yBtT0MFbxSwkoL2Ob+UhNHCmp+4zOa0:ycaeDoiZUQlygr/yHT0MnSxC2ObXKsz2 Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.76 KB
MD5 7e7caea7fa2e7906f35d52bcd383cf76 Copy to Clipboard
SHA1 1f2f53f3704527af881fd241580d3dc3f0aae4bc Copy to Clipboard
SHA256 996db237e90086a4d35c5de5a726f3ff29c7fbf0fec84ebf3ad558be6e8b702f Copy to Clipboard
SSDeep 48:1+g36CNQslCzatg4cBcEXu/IbWBcjsjHhsiSz2jJueORRQ:1p6Rslt2cMuAY4FUJsR2 Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.14 MB
MD5 77265fdf3e1e8b3da63be0fdbb7207fd Copy to Clipboard
SHA1 07b2d79497fdb4861dde29c93a3f37f56e648490 Copy to Clipboard
SHA256 93a8cc9acde4611609f86f16de1f2d8057745db247fd9683a02377a22497cf07 Copy to Clipboard
SSDeep 49152:zDxL8QBo0Tex4S120ytJy7HcrV9VYIXezhSlH61:zR89t1b6VYeeIla1 Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 f15d75aac66599aed4cd540b27ace4d1 Copy to Clipboard
SHA1 d4ef0e57845a1f07018505c01d6bdb38ab8b71dd Copy to Clipboard
SHA256 b183e5403e49cbf77da37c1728bbe57a2dcec9b003e5ed11f7baee2e5fda33ef Copy to Clipboard
SSDeep 48:dJgHDEmP9aVKnMW041UZYEZJt1j0hzEoFa12Vs5RRq:dJgAIeW0+e9hYzEuQC0Rk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 26.54 KB
MD5 97ba776acb1b04a1f0f8a26a1987cd48 Copy to Clipboard
SHA1 ec220d3e3ecbb8f9d1c7346518211ad5b8ea234a Copy to Clipboard
SHA256 a5db45b1f3e74243d580a0044efd39e641034f5fabd28c510662cb0d68b11da0 Copy to Clipboard
SSDeep 768:al73IdGkeLwEmO7H/knUQFCs1hTuDuvM9vcnvjQc3Pzri:oMe3VMUECs1hSL9vEjQc3Pze Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.47 KB
MD5 71184df7f653f23ce559265e1c1be9df Copy to Clipboard
SHA1 99205a5c68e8eae9548f7bd006b3eae5b9f753eb Copy to Clipboard
SHA256 a82bf8b670a0c48713babad96a9db5819ab54317a2399a04bb2bd787716dc6e1 Copy to Clipboard
SSDeep 48:DCF0joO1t98DnFUCEKYAnk8zOvYyJli0h5llcSaB9BhTsyVE3A+u+pFECzYRRq:2F0jFeDnFUhKAcODJ40hy9vE3hzF5zY2 Copy to Clipboard
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.07 KB
MD5 8d396c638f7a183405d8818b59216075 Copy to Clipboard
SHA1 26e01962512c292ac5d3ca78193a8bf8ac1cbe1b Copy to Clipboard
SHA256 bed5430086df550347a7efa0dd9337e52cca861313688c6646236b19ebac5401 Copy to Clipboard
SSDeep 48:8SYprgjbK3/46D5d+exbapWoMD/1p5L0uP2SkRRq:tS8ADLSWznBP2SkRk Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 4.33 KB
MD5 5988b79bcb872afea86f6813365820b3 Copy to Clipboard
SHA1 469de3deb7b172eacb4537b077c9fa9acea32637 Copy to Clipboard
SHA256 0071f42a55ef514f4509bde7ff3a9ac09f422374e74fea7054fc5d7fe4159b37 Copy to Clipboard
SSDeep 96:LS7JLCIjvRi+VlzFvCXFdBmUHywSs8c+DoZvQ6f7kdRk:aJmITRflZWmUSwSsd+DoFQWAPk Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.48 MB
MD5 60fefb34dff1ec45c74c039d410b1555 Copy to Clipboard
SHA1 2cbacebe4649c16b6afd6f1351034048bd873bb2 Copy to Clipboard
SHA256 e5dd9007a07d5d719153e78a8431e24b0b35df39b5b594646db614cf70182589 Copy to Clipboard
SSDeep 49152:fHYLL/WoWLljb1R6rOSN20yRJ64iRySonD3WtD9DbAcst:fqLVW6vlK3uD9DbAtt Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 fa5bd644a6151e1c3117e8497abfc21f Copy to Clipboard
SHA1 00e7ad69faa99e230d2bde312a4f7146882c3a45 Copy to Clipboard
SHA256 ff126a378659e0aa3d8ec3cf3fbc20d54010c540efdc0a7dee47f2692376ba45 Copy to Clipboard
SSDeep 48:RIOQ1iaIgoVPFbx/yKT6ZUi/cPEcWHdjlQtmRRa:RIO9alo5FbE30PEcW9BdR0 Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 37.04 KB
MD5 c97dab3e5a389ca0f0d18eebcaf6278c Copy to Clipboard
SHA1 4d8c6211ec80cfbdcc067e6c64f00e001f0c4971 Copy to Clipboard
SHA256 d7ae795c1cfe01770e91cbe746de6f83e51fe1c9b88f7ea362b6f6970acfb413 Copy to Clipboard
SSDeep 768:+78Es3cU8O70ppSC8l2ZGqWLJzk6fw1yZM/oTcfV8lnNydw9jNV08VKESE:4XO70ppb8MWLJiYZXUV8zydw9hpSE Copy to Clipboard
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.81 KB
MD5 f430765a3607df43a288f743622c9eab Copy to Clipboard
SHA1 4e6ee1dacdf701f963b5cf5ca73607be200c4ccc Copy to Clipboard
SHA256 a38214c534d881f777509e054614bfd73ada1f440b077b9e9a3bbdac5162612d Copy to Clipboard
SSDeep 48:dWQKqLa8LC6lVCTrTexqqGWvXjQ9CfeLRR8:dJLaNTrTelGMknRi Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 5.67 KB
MD5 27f7533f2a317f9a018fae1340a1393f Copy to Clipboard
SHA1 bbccca97fd4ecaa388d23f8b39f3ac7c0d3dab76 Copy to Clipboard
SHA256 63fec2a90c08fdf33bcf78f031a5f3532e3105c721926fccda752210d8b54353 Copy to Clipboard
SSDeep 96:zuHVAKG6FxXnt6BRtW/TauDZA+JaaHpDGhUd77YAmm5Z5GiAPlyTxhYvERi9ARs/:qHpptX8VaJDGhG7HSiA6x2Mds/ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 582.61 KB
MD5 56386cffb83397ed9ba243189adcfaea Copy to Clipboard
SHA1 ed61411a19b9c6d1f1cccb2f0966e272cef10f7c Copy to Clipboard
SHA256 389cecd2d7305c781b7ed2c171c46a2637ed58162bd6402aee12040500724d36 Copy to Clipboard
SSDeep 12288:R382G8nCm2ozrdJnsm9yw+dDrVnzkp/1rvtbJlMUMCVfX8me:i2G8B2oN19S5zkp/ByUM3me Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.15 MB
MD5 8f2eafa3553af202456da16937a4cf7c Copy to Clipboard
SHA1 15d623e543eaf2a94ea982ef0012957d20f53b93 Copy to Clipboard
SHA256 7f17ef0e07dfe866f801fd4461aed0ac6ba137ae83b572e4ff399ebf42ae4e70 Copy to Clipboard
SSDeep 49152:zDxL8QBonTex4S120ytJyqzfS3IPMWm/vnYKo3S4Ccz:zR89K1CzfSwMWYnY1T Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 d686dabeeeb3f46daaa967c8034325bf Copy to Clipboard
SHA1 af7e26f91fbd638a6ef98613c2060187ad6caf97 Copy to Clipboard
SHA256 db5ea74cc2942c8508c1bfb90bfceead7d7107f2f846ce6b7c7286dd50a66c1b Copy to Clipboard
SSDeep 24:CjOVeZhCUJITH5yjNjIGFKQINvllrc/YaTfzA+oUIEECS2NRp+uY:CjOYhpJI1yujx9xWTfzA+okS2NRRY Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PubLR.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 153c60b8828273493fedce6a7762fee0 Copy to Clipboard
SHA1 e94b06f4f7964347622b24d5e379e599a759ca8e Copy to Clipboard
SHA256 836e58072fe1b65d3839e720d550a451575815f83c0729d89e551613e9ffcdcf Copy to Clipboard
SSDeep 196608:aPUvTYpH9RBl/tus7o4L7tZiTnp/jE4U/bxlLRx+iJL4:MUvTiNhU4L7tZiTnprP0txRso4 Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 855.24 KB
MD5 357c2f109b5ab821d8e2e1d491e1a8c6 Copy to Clipboard
SHA1 e8d4da0a14562b1737665d33f3f3f4775df19bc7 Copy to Clipboard
SHA256 ff1a8f19f5c7e130944c65423754e5f0e32681a7598bf51b07d3214ae601d43c Copy to Clipboard
SSDeep 12288:E8m/euC3owifSEYReWHoIc0eHEHU5Ni0poGE8/g1zcfPgpwKdsjFYoO5cXC:E8/3oPfBdk05NrDE8Y1QfPgbAW5 Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelLR.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 2fb10a322517f7cbfb3a6cfe3f7ec571 Copy to Clipboard
SHA1 f50dbea0bf05e4a4f73abb265fef52fa43db4e07 Copy to Clipboard
SHA256 5ef870f132dab830dd5380a5f66f2db9ead790ee6610fc191c638c2aecd616a4 Copy to Clipboard
SSDeep 196608:6a8A7fKP0ReD0wXKLUEfRrDXP2ifogB2jHcSBLWiyvyWJRMLhdPWfi:6aRDKP0q0wM9JrL2ifJcjhW/6vL3Ai Copy to Clipboard
C:\$Recycle.Bin\S-1-5-21-3388679973-3930757225-3770151564-1000\desktop.ini.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 0.37 KB
MD5 0197d9893432a09002c7db38d88f3a9d Copy to Clipboard
SHA1 98f62155f91d3d271e0cc98a0838937439c010e6 Copy to Clipboard
SHA256 8cba127df6756bbc43f8e7c8265fc936e630a371e5d41669198a48de4ec50cb1 Copy to Clipboard
SSDeep 6:AIhjduMO0zJ/bxBG/6WCe1dNAuvGo0rMm3PrgXdJUf+bz2YIsn/:J9FJ/ySEnAfFYm38XQ+bz22/ Copy to Clipboard
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 8fbc1c16db48ef1afb476e0aa217762c Copy to Clipboard
SHA1 553add178d00e9588c86439c8ccb81addd4ab716 Copy to Clipboard
SHA256 87ebbb9f7df88d3d59dfda3bcbeec2f6eab28489d33ebe65ca33badd5ed3986d Copy to Clipboard
SSDeep 48:mzlBiQx2Vnf33nT+T92Dn7FzMGRwfkqXtIsePRR8:SlwFf33rVzMjfkqIHRi Copy to Clipboard
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 20.33 KB
MD5 6aa9d137e79508aeb384dc40ce185c75 Copy to Clipboard
SHA1 f7fbfd110ad439f87164f4c35ee4bf461b7fdb33 Copy to Clipboard
SHA256 50d64af14db4f5e9934010ee47e0d788551c1fb3d7fd2d7612c4b6d15aa09283 Copy to Clipboard
SSDeep 384:Rd9ZLn7CgDI7nowvxa3uJ1Pf+rfj8hDfmPIj3FWUXF80k:RRn7RDIDiYeDQxmPChW Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 9.37 KB
MD5 814bdc3a3b241272ab911b07cba84a8e Copy to Clipboard
SHA1 3a843e6fd9ec585c6f7c320b93cb458803e5ecac Copy to Clipboard
SHA256 6e434e3919f4a0cdefd0426516560f4de27ca7d5d5736fc9f620a3010be173a5 Copy to Clipboard
SSDeep 192:uyGbwTnMWT2qgtGE9jEIhP8GNyRjW5mP/ZnpAXZTRBxk:uyGMYWT28IhP87PAT/xk Copy to Clipboard
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfLR.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.10 MB
MD5 26c291382476a64258a95e90bad79b0a Copy to Clipboard
SHA1 d9807a07196f5dfbb633490c9d3cc75ed6e5ea4f Copy to Clipboard
SHA256 0c6560fb46bc7e1c547e65b3090f0cea73f112c66004abb053b9fe4bd512ac3a Copy to Clipboard
SSDeep 49152:Crh2TUGD0HEytsDd5D9kwfbF4diB/SC9GMzff7Nz7kk7oU0PnHFltB+t5VfI:llyaDH9kcidg6C9NfjN0+inHftQa Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 2ebf116af2c1d891839991fa10f89ac7 Copy to Clipboard
SHA1 1da45480f2b759e550fff9edec6c131f046ebb00 Copy to Clipboard
SHA256 25f04fbd7f34b03b543087bc55e3d4942e7bd826754098fd0d707845cae24b67 Copy to Clipboard
SSDeep 24:XcBIlcZlybiLx85m7VkwyXVZ1xPOBi7cYjEFQA55cxBWS2k6Rp+uY:Xq13AiLxY9NFZ1xPOmcIA562PRRY Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.80 KB
MD5 e2a34b0347beefa76cdf1b7e1b7676d8 Copy to Clipboard
SHA1 fccdc8e65afe9c284fb98700ef3e6f8b02daf04b Copy to Clipboard
SHA256 298f48a1cd86b9b5335a1ff4db58fb1bbc402f0807f90f121b535fe4b7a1c31e Copy to Clipboard
SSDeep 48:xCKuxqxGFlRIzupqHPK/rxzPn8sM8pxJhgKMPU1nmNmDf9eRzcNRTOHIiJZaveaY:IKiqxYAOQmxBFhZuy/yoiJy5Rk Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.36 KB
MD5 2d4340f37a1ebc40122cfa6079c87e0a Copy to Clipboard
SHA1 b15efc60befaa862efe9b1b8eee769104475e9de Copy to Clipboard
SHA256 9ec6b8a814b0dc98f442bf0b0c54cceecc0b34e4042ad4ea5f8122a86925c6d3 Copy to Clipboard
SSDeep 96:IXed5cpB4fFZDQ/Ks5a8RZPXF/UA0MBWNMFzJTHW56Ri:IXewpqFZDQ/Kb8RB1/n0MFzV1i Copy to Clipboard
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 6.33 KB
MD5 6f71b71d6b72eb568852bfcb2ac019a7 Copy to Clipboard
SHA1 d304b4ac7e0873c5d1fe252113fd3ba23bc648cb Copy to Clipboard
SHA256 5b5d7684487a8658df2df1941b3defe207a45cb1d1463a04ab46cf9638f07f33 Copy to Clipboard
SSDeep 192:1n6y6qzH+jesK+ZrVrQjr1M9wuinHDqtZGfTfs0FARk:oygysVZZkj5MyuinHDqtMs2ARk Copy to Clipboard
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 73e6baeb8b3967ee46ed7ffcf351b2a8 Copy to Clipboard
SHA1 7744b7cc4bd8eb65378563db39bebc32ff49979e Copy to Clipboard
SHA256 6a934b8b939d333f93c91ab1de5660bb32c837e0c6fb60587545a00d51ef3748 Copy to Clipboard
SSDeep 96:+ni1unwKHK8wVcK/qPmRSX3+qlDOn7k+LUBikW56BXUngXeC6D/S8yRi:+n9qZVcVPmS+ql2krBid56BXUngXebSS Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 853.75 KB
MD5 0e6aa8b61e014c6f32f699d860e03d98 Copy to Clipboard
SHA1 5dab29cd104a31b920c3a0a86f43875e4c547e1d Copy to Clipboard
SHA256 de2cd3f15caeb3b466395373a93514a82a913ce64d05a544533ad2a5b21b9b63 Copy to Clipboard
SSDeep 24576:XMH2MRgxwPxdSIF0jV/cpzOrHFhi2ph9IH/8iyADF:8FgxwPxdSw0JuzODFAshuUIR Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.56 KB
MD5 75e01117454f337136abd6e18cc29eaa Copy to Clipboard
SHA1 7733bca36412a00514132ad001ecbdab7c32e8fd Copy to Clipboard
SHA256 406d96623d716db09d6ec88be56860f6682bd7fa79de649d6e6bd629ee526fc8 Copy to Clipboard
SSDeep 24:SX4G2TJ4AsdKbGu+rEU0Rl4DUXdzMZ4NQDvUuhtYZvzIoiMQfjYWSeiRp+uC/:zF4vKTs0Rl4GsvUuhmzIDMPeiRRC/ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 2c3b753ba7ee4eb1e55714740278a2a2 Copy to Clipboard
SHA1 4efc636c18007b9cd0164f724307d6be1818495c Copy to Clipboard
SHA256 4f38e233f6b8c76fb98925ed63ed4b76d7e56b7f15f8bbd8fd6ae5d0bfe21a1a Copy to Clipboard
SSDeep 24:Z8/b6TQwzecek7pZPZret8zbbmoPFgXYWyQuMoBeGI7WS2uRp+uY:CeQcPJOPowYW7Ga2uRRY Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.14 KB
MD5 0ba42dc2dd3111d466779cb5580fb6e0 Copy to Clipboard
SHA1 813e0321472835ea963186270582eaebe08b7e42 Copy to Clipboard
SHA256 d2e4bc7406b8fe24c5f0a0f7a2561f66e6050026538ceaa85b06fb5d1aa4e827 Copy to Clipboard
SSDeep 24:pwC/FBQQrPZlQrSz+3pzWjR9r7h3ZW7hknOyegr16SRp+uC/:fHYS4G9/hs7hknOdmkSRRC/ Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 860.74 KB
MD5 f3f84b637239e366a35bd8196726382e Copy to Clipboard
SHA1 dc9f3685cea7904af690a6fee8c0499d86b0216f Copy to Clipboard
SHA256 d90edc27a470b5754491c4ac3251317e85b3d712911327e63be0d1df77286a0a Copy to Clipboard
SSDeep 24576:xLbVHeUuLaq7sjKWrm1VRkXynXxavqu/2DE:JV+UueKoKWrm1VOXeav9/N Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 865.24 KB
MD5 8d744fd0f003d094aacf2a46724ce66e Copy to Clipboard
SHA1 bbe0a53353b2b29ad433f75648b5c289dfaba547 Copy to Clipboard
SHA256 947e755e1f9d59a1006e6bd20c4b1a8e22ce55322f15f05ffd6ce1474bfd4a5b Copy to Clipboard
SSDeep 24576:CGLDkxazl0zE4NJfbVMh2Z8RSC3cNNCNzaggU:T3kxazp4NpxMhXRSCcNwzz Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.65 KB
MD5 0284a987a8a5b7675dae5c42c3ff61b1 Copy to Clipboard
SHA1 193554d386d175fccc54c9b2839fee80e13eee50 Copy to Clipboard
SHA256 f362e123d44c2f3b628e03d2756b8b739625b8a0b96f5d6067ee9134e48cd728 Copy to Clipboard
SSDeep 24:Vbyutz//Jyr9J/RZM0cyaCMy5LAfWvMzTFXxlU+/x7wcB7j0Rp+ua/:Vby6//cpJpR51c+YTbX5T50RRq Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 3d0e1f18676626331ffefafe53b18248 Copy to Clipboard
SHA1 80d370bf723a4b00b769c1a7266d63de82280ab0 Copy to Clipboard
SHA256 9ceac29cec7a9772266c3c6ed68bc7f25dcb38c12c388fe9f21e58890e9cf26f Copy to Clipboard
SSDeep 196608:PFNUxdiOm1j3/abCsYwFOSQo2pWDOQs4hW6s63HS:qPmN3/abtYIQoROQ93RS Copy to Clipboard
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.18 KB
MD5 90b96966df27ee3f2ca7063daed03cb4 Copy to Clipboard
SHA1 3d7aa4ab7a91a09e916a04c374dbfb02ad86f18e Copy to Clipboard
SHA256 aa974e2e19352501b62f9dd9417d0cdd76de9eefe7b3bc2a0c5791e798e3cfd1 Copy to Clipboard
SSDeep 48:MXhkmNCaRcyiAMEuNBXQ3UvYy99B8+dWlt8EY1DdqVd/LywRRq:MWmIHynuDXQkvYy99B8+dW3k+ZfRk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.13 KB
MD5 5d3e2d4819ab06ba011ada3c346cb5a2 Copy to Clipboard
SHA1 15d7b4ce073d800ec5d60f5bf60872bd9cf74f61 Copy to Clipboard
SHA256 d60dfaf2fc78d388379b07e71f4e339386887673dd50ee1449b1c9cf4a108450 Copy to Clipboard
SSDeep 48:Nvq04bGNVXrA7HkB6MWYyPn/oWsmg4w7dlTGVePRRU:NCAXrAwB6MWYyPn/dPedjR6 Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.16 MB
MD5 bb72566e564403ca03ba56f4037a4ea3 Copy to Clipboard
SHA1 b08743bfb3a60b4e4a8fe84f115a68585d404804 Copy to Clipboard
SHA256 b6e9a97c765bb53895dd40d7a0e38417a4297dd06581fe84879b0e900f3fc11c Copy to Clipboard
SSDeep 49152:zDxL8QBoSTex4S120ytJySzTvL9J6+CLzPFj:zR89r1+9J6+CPdj Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.04 KB
MD5 391bdbfa3a71bbe786274e88d87583eb Copy to Clipboard
SHA1 9825eae5ded338c195d1aa192335b50b030f525f Copy to Clipboard
SHA256 564387505b76d3265378c491b90ce7f198a7b3cc06a5ab06d9a585da3d72a2f6 Copy to Clipboard
SSDeep 48:/pAAUW1dtqwfbJo9QvLYXUFe9WKK0bjavxRRq:/BIIJyQKUYWKxPavxRk Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 5.97 KB
MD5 346a0525b645969f4eff9948b8569d4c Copy to Clipboard
SHA1 922c4699311f4021bf36750da91f4833a7bd87a9 Copy to Clipboard
SHA256 a617367c8506ab3049b27986ee3ac7411f33c7c5b9cf8bda1137b3db28a2d36a Copy to Clipboard
SSDeep 96:LjJp8zcDkvoFuo7ZxMnpNJ798lJtGUwYLg74NgTPAAaaloVHzgNTYluubIRk:LiXvMFxajAJ8fRTPAB6gHzMElnok Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 4.33 KB
MD5 337d8f3dba45b2d2bac749d7cd80c327 Copy to Clipboard
SHA1 49eaef1299b447f0a204ffa30f478a68ad73446b Copy to Clipboard
SHA256 30ba567dca4d4ff3d06a6f6b67b2745b7efb14d063641933781d594f4aa57b71 Copy to Clipboard
SSDeep 96:2MqSdlZPilBTDhMV0HjXBnlh+CAc4xh1swR/hyp7uRk:VdlZiftM85/+C1wR/hy0k Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordLR.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 4fb6c079967f604d4b8cdf477caf6de0 Copy to Clipboard
SHA1 a8777ca0e49e5d98d01a6b007c7b62b5dffb5b63 Copy to Clipboard
SHA256 9fac05c1ffc4b8060b0a5b942d35cc90c0bff012af1a00a6712c6d03018b083f Copy to Clipboard
SSDeep 196608:MaurJM4k8IMj3kMxfGbWaxJMKMA4JxuiNQG3A2r7rfiSFhysD8uxDxKj:EOn8IQkM2BFEx96G3AUf7FnzKj Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 9.37 KB
MD5 4cdf9459b7fa06ee5b2e4ef49ab01f9d Copy to Clipboard
SHA1 eec0b035d32afaed2a2cd89b68d82f2e88d6aa18 Copy to Clipboard
SHA256 fb59293278823f3068c268b8781b5544a75f93fb7368ffe02e806a731471f315 Copy to Clipboard
SSDeep 192:TnKj755F5uhsuQjwUJVHEAgiPgtPb4H1CAgwlxZmweyTzEnYk:gfF8O+ttPb1sxOI0Yk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.88 KB
MD5 759bea95e646a6c529099c8506112b2e Copy to Clipboard
SHA1 1995ab2c7593dc2c93d3979f3722b3e357707184 Copy to Clipboard
SHA256 6c8679038bf9c6c46b38d25798e11c17cc48d6aa4dc671c09e94f19eefda85e5 Copy to Clipboard
SSDeep 48:lenyAjm5nBeQFXl7rFiuvIMBE59azIeq6r5kgURRM:0yAdAdrhv5BE59azVrURS Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\setup.chm.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 65.85 KB
MD5 068ec279cc98551bca5075bd68b86833 Copy to Clipboard
SHA1 e720330355ac865895c1f67d67020648a2b99b6c Copy to Clipboard
SHA256 0b5fc318ab2a9c5f19c87c57ed04e9ba213af1dfe1ea58fe2f23b94875f82a76 Copy to Clipboard
SSDeep 1536:uJofnBvtoBcBPfFKMMTvOIYQf2+eMQE/z9vdQYbcrWf9B:JvtScBnFKMZdQfx/z9vOK99B Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.36 KB
MD5 466d8414a7ad06284815d535c4c3a0c5 Copy to Clipboard
SHA1 631aa6db368c57f151e507e183cfbb6b4d2dd2d2 Copy to Clipboard
SHA256 196d266cdd65848f3a56398fe73f096edb371d715895c6a8fe629888f864d36b Copy to Clipboard
SSDeep 96:f3pLUz+OOXNihe60cWy6i/G4l7CbFm3yS++y/rYRi:f3pLUiOO9iY60Zy634lLCSi0i Copy to Clipboard
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 6.51 KB
MD5 adf5f087050d90239fa7e6bbb52aa04d Copy to Clipboard
SHA1 b2b1aee768eeec25a87424cd8d02798b694b9040 Copy to Clipboard
SHA256 615ec990e4fbd836738f0a125aae9161fafbbf32209932d7cbc8899af97095d9 Copy to Clipboard
SSDeep 192:9FmqXAkS9UulQmZE08vZ/cr2eXtKUOWuWs/:OqXiNgO2eXcUBuWM Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.80 KB
MD5 3cafc4b6475b44f42869acedf3667d5a Copy to Clipboard
SHA1 f49d7db629bfde4835bdfc718af6e15d663d3ed5 Copy to Clipboard
SHA256 9bb13d46bdacff5fcc23ae67b03cf57b2e9f34e135c55c688b640b22310e87b1 Copy to Clipboard
SSDeep 48:1/uSy/cp/XRliCrW5+gIsB8XDa843W7dQjFdzjdPYPB/8TH1BRRq:acpRt8+HsB8TnuW7CANQ1BRk Copy to Clipboard
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 16.70 KB
MD5 d579775e62e522583ecb56f15f88218f Copy to Clipboard
SHA1 f1557753ef342f64eee7ee4380a992fc138c2c40 Copy to Clipboard
SHA256 2048bbcb9a7d8af2594b4af8362e5c0315461f27489c22f32f68512f69dc79b3 Copy to Clipboard
SSDeep 384:knzRcrMeDSJkugdpHk8rpTry+PrnsuxaQiwlFrnE9JomH1B1d5IfgPfi:MzRcrsJkuWrp/yE2dMTE96mHfJ6gi Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.76 KB
MD5 ed54bca86e480eeba08226b54e43893e Copy to Clipboard
SHA1 98961f4363114f92c61d6fea61d685f359655dda Copy to Clipboard
SHA256 33010a288c8c46964406d09193804f7400c2ab4aa8c7d4f40608081471169d76 Copy to Clipboard
SSDeep 48:RQj/bfktk2vvZgv355uzhnYSL40oUcHQRRQ:Wamv3adnYwR2 Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.07 KB
MD5 be1bb2df171b1c3e4b25d92019c7f391 Copy to Clipboard
SHA1 d8a92547e4c82f5ccfe68ec853e775edd0845933 Copy to Clipboard
SHA256 ea6d8b20087335c3291aaffddbd158946665a78cb907dc31fd67016ddd65815c Copy to Clipboard
SSDeep 48:Ng8lVb4USrWG4UhTc1sxRt434fEqZ3ZsaExZ4SxNA+oRRq:uib4USrWGBSs/uIfEqDExZ4SxNA+oRk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 65.85 KB
MD5 52f6a699715aa13f04045525bcaf3925 Copy to Clipboard
SHA1 060b2b055a65ab2115eecd0fed50211ddc4fa35c Copy to Clipboard
SHA256 3b736586dd3e8ae89e3a140d79e1959b64ccd216a14173fb60d379b9399e6118 Copy to Clipboard
SSDeep 1536:zsNREg6RQImdjYh9fiPX7x5TXbyqNj2Egkb/Zq:TnQgHfiPX7xpLyqNj2Q/Q Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.18 KB
MD5 f620d835441eca8a59c160f61ef7727c Copy to Clipboard
SHA1 c42956e70612b77e04867ce58771172382ec9d15 Copy to Clipboard
SHA256 a2f237b13b8767a13e1c92f105c5c16f7fef2ac97908977ebb349b35c5d6a9c8 Copy to Clipboard
SSDeep 48:ywM/UwccTPJICYTD7naEQs8IU/YCsuCsMAdEBEJwRRq:yPLJIJTDzaED8I1eCsndEBEJwRk Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.07 KB
MD5 9ec4983b2b9bf21bc0d82e35914fdc3e Copy to Clipboard
SHA1 a0568c2f805ceb4a650d43ea1ba24c8fb8c1fb19 Copy to Clipboard
SHA256 2575f49a98dbd97eef503aaf4a8c6d148bccd8457b0b5d6ba93065bacd62536a Copy to Clipboard
SSDeep 48:iYNDqGgxRjud9e90IWEvmLb8H3ACQDH/BJpS4XYDdFpqSPS5QpJmUXj2URRq:imgxRjufBNYmfGApZXGXkSPS5MJmCXRk Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.60 KB
MD5 a2ec79d1d1dae489f8b1262bb07bf984 Copy to Clipboard
SHA1 34e4ea7deedc0202ee176b27aea65a1600e75fad Copy to Clipboard
SHA256 6976df28c8b89c85be67a32c0b05b561e7aaf93d32cac5cbda0b4721a999db08 Copy to Clipboard
SSDeep 48:ahgU8msBS9rGLzdd/oaSYooLTSlKycD3JzxXmN/djqZ2cK22GRRq:ayU7GLZdwRou/du2cK22GRk Copy to Clipboard
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 8.76 KB
MD5 479c6232f9b6407d799f8dea47ed132c Copy to Clipboard
SHA1 6b62198198de88c9a13afedb3b856109b39efb4c Copy to Clipboard
SHA256 d54bcd389f05f4cc6ce142e61a7c39a308e16f2bea498152ef8d2b21514df3ad Copy to Clipboard
SSDeep 192:6TswFvG56JwZT58RlU41pJpGmjtabX+OwJ9V2:6IwkAJ25MGq5VjAuL2 Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.47 KB
MD5 2aba5f9839ae4a308cb3ef202e53a188 Copy to Clipboard
SHA1 31bbdc7a9efb97bbf227d7099b917b109059bb7f Copy to Clipboard
SHA256 a1b00ef10195c3394457eaafe00a03e51513258f608df2e85cc7c4ec52620991 Copy to Clipboard
SSDeep 48:1dFzI8pWt2BkEFAEs0Lqd/yQh/MfO7xNKCeCNUBcGMLX6TyRRq:1k2BkESd/yQEO7HiBctLiyRk Copy to Clipboard
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.04 KB
MD5 25e91bd3799e8673d80c265ca872cf18 Copy to Clipboard
SHA1 bd96d3a694cb0e9543baeacbdaf8c3e511000311 Copy to Clipboard
SHA256 c6c20a36fbab44c753ee1f8d2bf70e1c36a24cb0843a27a24d2f8b997c7e59a6 Copy to Clipboard
SSDeep 48:rWYy39XwFy1/L78B3OYibkPQMnAVbKvVHk5KMbD7XSuRRq:rWYEP1Ttb0QMH0KU/CuRk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.27 KB
MD5 cfb1441166a49c44b228b3181308dcb6 Copy to Clipboard
SHA1 15723884fc4c1c77aaad8ee510450dbe7e1c44a6 Copy to Clipboard
SHA256 3faa1830403d83fe57edec460012d161c2b31de11673291f7513d4c9edf743be Copy to Clipboard
SSDeep 24:lY+V7jUuR94YXRj0gBkSf/HTBIXOYYGQUohzX3Tk3GRp+uM:l/R94XgCXuUoxT3RRM Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 c3566e19af813ddf532a95cc69561934 Copy to Clipboard
SHA1 556cc6d19602e41a4f2f6d7651ca05004d508d00 Copy to Clipboard
SHA256 625ea5f7a2a8ae9e486b5bfd912c11e9ab8f28ba040f2e6c3615287b6283aefd Copy to Clipboard
SSDeep 24:bn/JlhVpkqKwjexYH8msGTnya28RBNqCZoGBFwtx/l4S2MFRp+uY:tZpkqVxFBNqzGWx/l4S2MFRRY Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.56 KB
MD5 ab942da4a446aea61cc7fc57f2fb7849 Copy to Clipboard
SHA1 438879a9502d97e73ecacab10d3ebab4fa0c3e77 Copy to Clipboard
SHA256 c2555e0db5a7313f872e8490e2e031270826a69745ec3043c514ada8335f220f Copy to Clipboard
SSDeep 24:SUzn/IaB74Cg03CPPgrLqg5ss3Idut5Y2+3sHYPCg4SYWRXjBWe27TmHWSdRp+uS:SPeJmPgrLn5Y2WRXl2W9dRRC/ Copy to Clipboard
C:\BOOTSECT.BAK.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 8.25 KB
MD5 74ed685f31870465c11e21a636a14e87 Copy to Clipboard
SHA1 61d9f0c2a9698233556e9f295e4879673363e6d2 Copy to Clipboard
SHA256 7019e62a6e501ade19d556794811c72e8149870058e2365fab5776a5940365da Copy to Clipboard
SSDeep 192:IFNBxUw6IAeCDZnJNLz46T17x0eBepZnQKPKpTqDz42aSBr8M4y5a0R2:IFN36ILCDZJNHPTF+eBohKpSzyKrQy5M Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 2.35 MB
MD5 e4bae88e56b1f20a40d8b0f3fcff753b Copy to Clipboard
SHA1 e98842e8a3212ac74a184155195824c40195199f Copy to Clipboard
SHA256 279f9fcd7d10c0008611007076d5d499339f7e4001ee239749097c9eb3340a01 Copy to Clipboard
SSDeep 24576:nzyc0opacbhmgk5gHL7a35AyjQgz9vzBA4rdeNjiku5OVeCw83Dr8XWA0FjC32Ja:R0opH/cgHa3HRxz+4goA/wkn89gjY2aX Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.03 KB
MD5 75d66490befe1864b9bbbe87b246927c Copy to Clipboard
SHA1 5dbce99167c929051108687c138a75787ab4ef19 Copy to Clipboard
SHA256 257e2de222beb0ae62bbb7952b94da706df3d99c98f88e9590175481f4d1666c Copy to Clipboard
SSDeep 24:Nbw893hrHRKZCemTRsI2HZUx+Yxic1nN88UIRdBZLY0kRp+uQn:Nbw4sZzmlzx+6G0TLYTRRQ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.27 KB
MD5 2cc7cc983b71c6a4631fc4134d036ee0 Copy to Clipboard
SHA1 2d29613dfccd763f2381bead04d5ef76b9956098 Copy to Clipboard
SHA256 ec7d51326329881c07951f41bd2ff30f2cb4b2f9f109870c12a30f42b12e0d54 Copy to Clipboard
SSDeep 24:udTRMzx75GE1P9QUTzB4YVcYh8xvJ+372UrjWf3GgPfNI5/N+goDURp+uM:0lMzxNXQAz3j8xRi72UC3FPV6LjRRM Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 42ac6eff5aa1dad153cb32ec3d616e43 Copy to Clipboard
SHA1 8d8693b1d4aa27f2f48345e6f2e760c5f205d163 Copy to Clipboard
SHA256 b8984acb419b90aab0f7fd9addaa90b10847e75aeaabfde74fc133085adf3455 Copy to Clipboard
SSDeep 196608:Yu6eDsIwHBL4B9lCzT2bOgcDuihGYrLpVUBJ/7HAFGtNy6aMhnRTU+:WqsIwHNB26gVE7e/7JNMM5RTU+ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\OWOW32LR.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.10 MB
MD5 783e08eb15e1f1f815c144f034eafe10 Copy to Clipboard
SHA1 e55b444758c64cb3bf71870947a4ab3aba2a03b9 Copy to Clipboard
SHA256 61dd12ee9de9bbdd897d8e4ba3b32f7cca359e5b801e3713b3a62ac1c644512c Copy to Clipboard
SSDeep 49152:AeFNMMFrwnbddIOxFOSOwPFhbYRjfIDPHLoBTv5oJBB47q5Fqcip3lbDv+8u+:zDMUwxyODPFhbY12HLodiF4+5rip3dp Copy to Clipboard
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 9.51 KB
MD5 97ad7f91c2dffb8751b30d95e9fea80e Copy to Clipboard
SHA1 1581a8818179fd1a3f6cf00704e45e34afee5610 Copy to Clipboard
SHA256 3c0ba75072e253df13264af2f51267ecc25d26034518f69ad62328780e0897d0 Copy to Clipboard
SSDeep 192:2JhlDpbRu0aEkBprSi/cjniJt7nzU82CcAl7eqKnxKFCI6an3E2:2vBaZp7/c2Jt7z/2CcAwbMi2E2 Copy to Clipboard
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.14 KB
MD5 db605a25f6e036b575bacc09b4d01e26 Copy to Clipboard
SHA1 413dc0b67dfb436180ef1383afb3a99051631b8c Copy to Clipboard
SHA256 79f8bf8bf55e8edcd08c01a7eb46e87321acc1435eaf765d00086a1536c5f635 Copy to Clipboard
SSDeep 24:PZ0AxYCv/bRG2Rezp5MQXklu6LKwe3jCQPnJeRHvRp+uC/:PZXxxv9G2RS55P6ebW6JeVRRC/ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.81 KB
MD5 fde484c4db88244db44df0fcfb77e64f Copy to Clipboard
SHA1 d5967784e8b309a4b08f60119af8462e622a686c Copy to Clipboard
SHA256 50953976b85f86766347ac535febbd3eb3f199b1a44ec5f30301210ea0a320cb Copy to Clipboard
SSDeep 48:NBNOzrSb/XBZ4+g3zrjGE4sJQbM8uq3zJRR8:N7OzrOXg3zrjG/sJQb9XVRi Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 d91b6b90f43baa0b6a08c1b062b17ee9 Copy to Clipboard
SHA1 5c93d9c8e2ffc38acb43f747f9f27ff4c0048da1 Copy to Clipboard
SHA256 338556512cf7578f1444ed4a7f856cb2bdd77a1d175a6992b1bd98d9e9f4e7d4 Copy to Clipboard
SSDeep 96:2tCBaBpomIS8EU1ahUcBpDt9aY4/RpTAmPIcYwyGwHHcGtqusRi:2aavoLeU1aRBpDtUvA3cYwyGwHHr0uMi Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 4d6f3ac9d4d80441feeccbdd4883bd07 Copy to Clipboard
SHA1 5a00b3de0840853baebaac8245b80978e6666b29 Copy to Clipboard
SHA256 25868a26ec996d85b10eb2b6c42f740dd3409abfc2e733f86db4de5c1f348d41 Copy to Clipboard
SSDeep 24:+Juwl/XC1kEQNDYcWLo9CTCRP/b4ZHxHs7u05uYJHJ7bZjUYtefHRp+ua:FOC1kErLo9MYji+u0UYf95te/RRa Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.60 KB
MD5 31caf4a16f805480b88c90e6a6a5fdff Copy to Clipboard
SHA1 be01c346d941aed01b3b4ef2177708fd68bf298b Copy to Clipboard
SHA256 62719441ce214da0a051589e1b20412e7119e3ff2a3e55f6e1b1c995ab73ace6 Copy to Clipboard
SSDeep 48:CSXtSeQLsJt2esJymqpxkByNJ23mXl1erRRu:f9AsJt2esJdqpx4cdGRI Copy to Clipboard
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 16.52 KB
MD5 3312dd311589764992d96f85bf572443 Copy to Clipboard
SHA1 1a4287fa696ff7f9fe720be2f07826437a311d52 Copy to Clipboard
SHA256 241e5d5c9787ab1d8ef007770ec60ae380db2683a1299591914a4f0aa3377253 Copy to Clipboard
SSDeep 384:H3RxiDRlSTR0j8wnvz2BGD4TB0ZVqHsKe3uBpe4TRjk:XRxiDqTR90rTDKB0rqHsKeefE Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 4006762eda8fcf9652a970a3d537cabb Copy to Clipboard
SHA1 6966bdacf6ecbf93be0156811608d49988fe8cc5 Copy to Clipboard
SHA256 4c2d73efcdc097611fee9ef467e5954745918f51ed2cde12cb3d8eec9b5542df Copy to Clipboard
SSDeep 48:c7z4ac3CrHQ5vjyjgi5c7fzeuRdJtA1D6YhgfPeT+RRY:c7zV8ow5vcgisfzltAmXfvRe Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 3.14 MB
MD5 0fd3cf594c6ddc5a07e48cfc04fa2cab Copy to Clipboard
SHA1 2572a9addeaec5e4cb40f18cf85bb44247a2232a Copy to Clipboard
SHA256 89a3fb1bb129cd8f4c0fa6dcce0f633f9079bee5e22259f5066050b0c7493411 Copy to Clipboard
SSDeep 24576:zxnP6WBzkm83xgDBo8o93HmJP9VB5bxQrzVDFJdjHs5wuofLfdky20ytJytLm6JB:zDxL8QBo6Tex4S120ytJyDrRHndZZEYZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\pss10r.chm.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 26.79 KB
MD5 ee6d88d173e6cf11720a8b595613fe3e Copy to Clipboard
SHA1 9ca915f9fa7f3fbd0c52f53ed72d61daf428b0e3 Copy to Clipboard
SHA256 9965f67274187a2ef8131f719a9eec476c0698f9319f56d0fd5728c204a2d155 Copy to Clipboard
SSDeep 768:6j3fjREGXE7Wal0oujQlYP0NXi9vZ3KZ7Y+:wfNE+0WwXKQlC0NXKv5KpY+ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 1.44 KB
MD5 0b3128bac23568d731e0a449064e75f0 Copy to Clipboard
SHA1 653b9d6ecc4730ab65b05c90d4beaa29c988358e Copy to Clipboard
SHA256 a29b9abf1a548127af866238699cd4027c0ffc16fb659d8346e3ba25b244dd73 Copy to Clipboard
SSDeep 24:SqmyEfmIsI+9cXrhZSpnCOVRXsG6oK0a5VH2wEhmA1hdfDdsrRp+uu:eFmIg9uAnCO8R0a5UwSVfxwRRu Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlkLR.cab.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 0132354deb06c352353675fce278a129 Copy to Clipboard
SHA1 82f447263c0d4d83d398af15034413083edcbc35 Copy to Clipboard
SHA256 8e5451128ff68d309300dd54c2a3bb83f196e6fefb39f1e8d6b7c24b8a6f7307 Copy to Clipboard
SSDeep 196608:TIwm3nNVAl+ig71eZ8FclBElWHEbyLbyo9crpLlR8ioLO0ZF9CrpbQ:OL71eiFge/GHyo2rpLkcoCrpbQ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML.id-9C354B42.[Decisivekey@tutanota.com].AUF Created File Stream
Not Queried
...
»
Mime Type application/octet-stream
File Size 5.67 KB
MD5 e51fb235f0c871c45bc2ab3516e0877d Copy to Clipboard
SHA1 3046adeb22ac9ca5c2001de4a2ee22baf3585584 Copy to Clipboard
SHA256 20cdf444f8845f19b1894b1296a17b53a4902d2397dab3ebcc572c8d02bd023e Copy to Clipboard
SSDeep 96:H3d/DtGzsUNx/JDTu+1n8o23TS/qthGQ9A0Ibv+1beKS9PVBuArKxBynpv600HUk:H3dJnYvusn8Vw2Wv+1LS9NItBQxz0rrp Copy to Clipboard
Exit-Icon
WHOIS Domain Information
Domain Name
WHOIS Response 

       		
      

     

    

   

  

  

  

  

   

    
    

     Function Logfile
    

    

     

      Download-Icon
     

    

    

     Exit-Icon
    

   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image