71506a33...10fb | Files
Try VMRay Analyzer
VTI SCORE: 97/100
Dynamic Analysis Report
Classification: Keylogger, Riskware, Wiper, Ransomware

71506a3322b0e0bc6fc2c1a1f0ac844a82a8c3fbbfeb4e6452013b4ade7610fb (SHA256)

SauvegardeProjet.exe

Windows Exe (x86-32)

Created at 2018-10-28 08:51:00

Notifications (2/4)

Some extracted files may be missing in the report since the total file extraction size limit was reached during the analysis. You can increase the limit in the configuration settings.

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

The overall sleep time of all monitored processes was truncated from "21 seconds" to "10 seconds" to reveal dormant functionality.

The operating system was rebooted during the analysis.

Remarks

Some extracted files may be missing in the report since the total file extraction size limit was reached during the analysis. You can increase the limit in the configuration settings.

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

Filters:
Filename Category Type Severity Actions
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\SauvegardeProjet.exe Sample File Binary
Unknown
»
Also Known As C:\Windows\System32\SauvegardeProjet.exe (Created File)
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SauvegardeProjet.exe (Created File)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SauvegardeProjet.exe (Created File)
Mime Type application/x-dosexec
File Size 597.50 KB
MD5 ee754ea777505e2fd2870afb325f50e8 Copy to Clipboard
SHA1 be8724e9bd48665ae0c6eedbaf8de23e5987dc45 Copy to Clipboard
SHA256 71506a3322b0e0bc6fc2c1a1f0ac844a82a8c3fbbfeb4e6452013b4ade7610fb Copy to Clipboard
SSDeep 12288:td5UKfiOLkxMAgyJ/4zBSqGuKCYminksnkyr2OMnVVs4OgcwdPsc:X5LAHPDuKC8n/dCD9Zsc Copy to Clipboard
ImpHash f34d5f2d4577ed6d9ceec516c1f5a744 Copy to Clipboard
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
PE Information
»
Image Base 0x400000
Entry Point 0x496c3e
Size Of Code 0x94e00
Size Of Initialized Data 0x600
File Type executable
Subsystem windows_gui
Machine Type i386
Compile Timestamp 2018-10-26 18:42:15+00:00
Version Information (11)
»
Assembly Version 6.3.4.5
LegalCopyright Copyright © 2008-2018 Chemix
InternalName SauvegardeProjet.exe
FileVersion 6.3.4.5
CompanyName Chemix
LegalTrademarks -
Comments -
ProductName Inaccordant
ProductVersion 6.3.4.5
FileDescription Inaccordant
OriginalFilename SauvegardeProjet.exe
Sections (3)
»
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.text 0x402000 0x94c44 0x94e00 0x200 cnt_code, mem_execute, mem_read 7.87
.rsrc 0x498000 0x400 0x400 0x95000 cnt_initialized_data, mem_read 3.13
.reloc 0x49a000 0xc 0x200 0x95400 cnt_initialized_data, mem_discardable, mem_read 0.1
Imports (1)
»
mscoree.dll (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
_CorExeMain 0x0 0x402000 0x96c14 0x94e14 0x0
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 6.51 KB
MD5 b72a98db394cdff2da756227b2d3f1d3 Copy to Clipboard
SHA1 36442a3a916d6e0b6ff4761dbe94053d3baa62ea Copy to Clipboard
SHA256 e0464059bab7555b02f62578a885ce5537fe187ab2aa0a13e3576f48f676ab12 Copy to Clipboard
SSDeep 192:06kIUGC3zDStLKr38ah0B7aep3ZdaSOnRNaNU9/uZrtQedB:060DSd0Lh63n6RNSeORvdB Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.49 KB
MD5 cf0f09005aab5054c106a72fb3adb77c Copy to Clipboard
SHA1 e2ae286822326e9b2dea3157b81fe7b1a1db82bf Copy to Clipboard
SHA256 1db7c6b150178b6a2c2e1a8edd402451febbee358a8fc92819b2d389fcba2d58 Copy to Clipboard
SSDeep 24:NGms4z79pp96CqT0M6n8H0WltVQPn3zhHWUP7r4TTu3yL45A2PwyHL0FVBQAGpO6:NGK79sCeTH0WlnQPYUPIT9L45HwqLYVC Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 34.34 KB
MD5 5ddab25fd0fba58f6c40d6814792be70 Copy to Clipboard
SHA1 622b8c70490af81d2098e9c31a2fdfea1f48578c Copy to Clipboard
SHA256 5fe96e7946d0d8d0e1c938aecc9ea86a0112a22c85afca1a083a50123ead292f Copy to Clipboard
SSDeep 768:x9xHBlX4ZPB3E8KLJETCC4EGLNxC64Ek77lTpYC7/ecuAT0fZ:xvHBt4ZdKLGn43L7V9k3XYU/zpwR Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 5778fbe525f5cdf44c5a7e231e8b3296 Copy to Clipboard
SHA1 ead6a47363d12022da6f95cf5c61541d55ec1a1d Copy to Clipboard
SHA256 5f1e9891524e5c3f31dc5e961c402457c2a8b39f18e62bf231062ee11f6e7f32 Copy to Clipboard
SSDeep 24:/cEIz/NsKybMHbKeYcIOEX2DGdsccimOBkLUdZaZ58rL5q2qldpWbeC0vpO+VURk:Etz1gbMeeYXzehiFhTaHf0beBcquk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 9.37 KB
MD5 0e645dad2744760bbfa6eebb97a8afd2 Copy to Clipboard
SHA1 01856d9ea1e282e00573deb5202da95a6b32d49d Copy to Clipboard
SHA256 5cd74117e414932f106769e91f8bdb056003ac9b797b9769d37d38a990f8b1bf Copy to Clipboard
SSDeep 192:0Zwn41DaidCnQovhkHnifjGabAez6QjAI/B4dZ:fWH+FJfjGaEeCICdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 3.36 KB
MD5 5e59db80e3cee22a71d4c4025dcacbe1 Copy to Clipboard
SHA1 138ad020e71b52870287ebb88c5bd93db4ab4eec Copy to Clipboard
SHA256 c9501f91e9661849eb7268f2f086c9721ad17eefbd0bf9ae32c9ab0450142e2f Copy to Clipboard
SSDeep 96:u+TIMfIIhOa61JouQD3MzDCHx7gWSHFvCnsdr:u+/3t6/BQD3M60bHFDdr Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUSR\ProPlusrWW.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 16.70 KB
MD5 babd1f2d5e96f18e6a5dfdcdd5c725bf Copy to Clipboard
SHA1 aaf81ba7aa8eb6d83d8daf5b8bfb95feeadb5d89 Copy to Clipboard
SHA256 848d6b25df64a52c305d2250730ce39c12d3328aadf3d7d076b53c83c17bbccd Copy to Clipboard
SSDeep 384:EPjDDepCwgz3wIBh7o66DpSl/pDv/CAdr:4+pCwPIT/YpSlhDvfF Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 add117809ed2b396ea168da281d0adc5 Copy to Clipboard
SHA1 c5e3c5d0c198a4522703e6096368826f3864d5c3 Copy to Clipboard
SHA256 cb7695ef1c03a1e5b4649d4545bfe2011f023e51e6c773589a18c0f280c67392 Copy to Clipboard
SSDeep 24:zRlqCrHJfJh0KeraWLemxwasGbv1wQTRzheaEbxwuZee4xaw5aQjS7dFYteC5+5n:z3qChF+p1bv1QNw6ePxawdMuteJ5cquO Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 27.00 KB
MD5 b26ac12e65c1681392532e6b04bcbdd7 Copy to Clipboard
SHA1 0922dcaddf7dace58722972555b8c8e613e38c9b Copy to Clipboard
SHA256 17729fab3ebc40da841e0cc24668a66436d9665370c89a4ce935c48227395370 Copy to Clipboard
SSDeep 768:ZPQAuHC9UOxj1ZVD/1qtK06vibBHwdM6XtUEP90zeyXdqKoNgZ:ZPQAuH4t3qtK0uibBHwdM69UEPidcKgU Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 37.04 KB
MD5 c5d41dc21ce101e24239fefd9c7e556b Copy to Clipboard
SHA1 2c288b40f074d244165e870e1fe8761b9fca6a2f Copy to Clipboard
SHA256 06ed40515af88d4084fb9be35da5049f1a55908d822ccfe9f1e8778979d4650c Copy to Clipboard
SSDeep 768:6ZZGtrZZsr9ZVBDyGerx5UBrnr2utzMVdagfG63QZ:oGTZg2T5UBrnrMjG/ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.44 KB
MD5 38a55d6468dacc5bbf69f3de7ed9dd9c Copy to Clipboard
SHA1 9e209b099e62286e2aa920c5e3db61629440b36a Copy to Clipboard
SHA256 76f08dab75aabfb9708bc925839b922307a407f5db1e9c580842e4a7275405c2 Copy to Clipboard
SSDeep 24:zKBk0ruCLcHurci4ocE3vQXyCDCTCdXmAIAPPeHd3lO4y6TeCjCpO+VUR6:b0rVcHuHoE3AC6nIAP2HDWse2Ccqu6 Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 5.67 KB
MD5 7ad4bfb18dbe532c6e1faf085b31bb44 Copy to Clipboard
SHA1 98945c552bb0f4b76abe3159331d6c167ea85c8f Copy to Clipboard
SHA256 656dcf75cc29d3ae9e61c0940bf1e600629f2f551f46b6111d2b640b542f1339 Copy to Clipboard
SSDeep 96:lKrgax3y+glm5eAO63R8jNGXALJhUtlom9QQQLr9tQQS2/R9qdzubdrGS7imTHI1:l3ax3DglmUAO63R8pGehUEI0Zmg5kIxg Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 2.37 KB
MD5 7e123f170a1c4e0d7223012343d5d57a Copy to Clipboard
SHA1 a7efd30a3e7c076884884665fae691503ea76998 Copy to Clipboard
SHA256 4cefff60e6a8cc40794e87857979cc0278e8d2c392b9d0096a7fdd7c3f9110de Copy to Clipboard
SSDeep 48:zB19BQ4OVR+yt53Tj0QyunWEeikXQXZ3wcH3dLTMsgDDqlwR/U45cquy:91vmRHtl39k+n9TMsgDDCwRM45dt Copy to Clipboard
C:\$Recycle.Bin\S-1-5-21-3388679973-3930757225-3770151564-1000\desktop.ini.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 0.37 KB
MD5 762dc1684f6ee4fbccc0ab2ccc61b243 Copy to Clipboard
SHA1 8dbe4f88c1f17cf416338289ee7e850e76620844 Copy to Clipboard
SHA256 e6cfd5c8cc0358d9933ccb42bd0f5602cdc96e8864ec8844802f42323a7b3674 Copy to Clipboard
SSDeep 6:gp1IgQkLFn4YuGqlu+ZVc6WClUac2HBewYKFYdudUS8ENqY+VAtOCZZK3xnCvMV/:20SDuGp+ZV3jUacPwYKmudUSxNqY+VUk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 2.04 KB
MD5 f04b43af8991b91ebbb0f82b4037ec78 Copy to Clipboard
SHA1 86c6403451a2d039dce9a7b880d8057bbafb45fc Copy to Clipboard
SHA256 a5264e048103bb95d4f74b7c617a431f9bd42defae37606c646a7370abdeadfd Copy to Clipboard
SSDeep 48:ZZwj1Zx4j6FV5JV19gUOrSlodXYsjdbIDHXcque:aVicVjV19gDSe/KHXdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 80a1f6455dd02a4946f960d44ef246c1 Copy to Clipboard
SHA1 9ff420ad6a25e9dcd2c36533cebf6ad75fe753a9 Copy to Clipboard
SHA256 5f415532eab5c8fa7ffadce28092f5f88dad250a3d90b84b4c80071ed596ddb7 Copy to Clipboard
SSDeep 24:EhRO7WQA8Izx9Ca8/DIOj+Fuu+bqYW7KH7XRemOxYJWjIXlaRlS2MKpO+VURk:K4A8cxn8/XKFOFEmFQUaRlS29cquk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.27 KB
MD5 c6714d156c66d2911df66c312722b68d Copy to Clipboard
SHA1 c53bea6c43bf9d53e3ea9e8982e318930cf60f4e Copy to Clipboard
SHA256 9de9e6999d78899947906c2bfaeda3f19d2ddc5304ed6fc2950ecea54737ebf1 Copy to Clipboard
SSDeep 24:usHLi8iT9yQUCydHH56UFgBpuJjbcrF4RqArDnDaKdFGXlpO+VURAl:3HL0ZsZ+2tbwF4RqArr2KdcVcquAl Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.60 KB
MD5 fe37b4230a3b06ac4512d73cdfc7d36c Copy to Clipboard
SHA1 890e0fe2ca366375fa338b794fd983abba8c2de9 Copy to Clipboard
SHA256 abd1f4a48451926534df9e68b690926bc81705f8e8582a0e5276827dea240561 Copy to Clipboard
SSDeep 48:Bd/+/g1gnAX0kEXP0stXj1Hy9h+cXdD4QAe1e6cqu6:Bd/+ECc6pH4hx9HVdV Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Unknown
»
Mime Type application/octet-stream
File Size 1.27 KB
MD5 7aa2cf1f1616e72c6d2bb955548f7f5e Copy to Clipboard
SHA1 57e1ff0616683b106a3cc12dc755e8338bc7eb98 Copy to Clipboard
SHA256 622efa8c25e3f1ae464b53e435ba8739a9c5a801f6a3b93e33faf7e9774472b0 Copy to Clipboard
SSDeep 24:bEFqGRuXCWMnUAN7eWtQvT9xdedKfRRBG3NcFUmQqt29SpO+VURAl:RGRuS1nlN7e2e9BG3iFiqxcquAl Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Modified File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 052b4a3aaf24e1879297e0f1408c7662 Copy to Clipboard
SHA1 ccf2d2087988828f8117c27f1ec3ccaf4b5b926d Copy to Clipboard
SHA256 6c23fd16b44e1eefdf52ac7ad99a1fc46a9b4b3e77c6643dd26d1ad79a2d1021 Copy to Clipboard
SSDeep 196608:Vf1gRyjQR9g8YYIcjfXontQdQGzFZaGkGdN7p06H1JX/WanfW/OIV0h:V1WbR9YY5AJGBZWGRz1kaza0h Copy to Clipboard
c:\users\5p5nrgjn0js halpmcxz\appdata\local\gdipfontcachev1.dat Modified File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 106.27 KB
MD5 92e128dcb152d05f07faf5da64bd1c91 Copy to Clipboard
SHA1 2174814ca563fc2b9679fffbf1b40bdf3ac9abec Copy to Clipboard
SHA256 11437a99f5f9c0a6df09c64abc8828ad3ecd8cf4fa601340ded86b8945edff43 Copy to Clipboard
SSDeep 768:i8HrbdvVyZHgTl7ho5sZWN/Ys9byFRQ+AwqGuGyZoVyOF7rrlqTIyMnm:/pVyZHgTl7h6tKR7AwqlGyZQVO1Mnm Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.48 MB
MD5 702d6ff89285b8dd2236b640ec15d814 Copy to Clipboard
SHA1 c30524cc4592f4770a853254ba0fdfaaf90caa15 Copy to Clipboard
SHA256 a8cb7fe25d3a684c1d8672e7e509333dce960df8397bad3163b18330a19b24af Copy to Clipboard
SSDeep 49152:fHYLL/WoWLljb1R6rOSN20yRJ6F5sy0SauOGw7ov:fqLVW6vHsy02/Xv Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.14 MB
MD5 5b92c8dae5fee3e68c2ee2c2561e6a6e Copy to Clipboard
SHA1 5a60c2110a36c205888ecb97b68727d7a575d87d Copy to Clipboard
SHA256 7304c8594ab930f2605a609e08ad97abd60b5e806f41795153c50ed87af717d2 Copy to Clipboard
SSDeep 49152:zDxL8QBo6Tex4S120ytJycuW3Pci1hvWrhFFawPUQMyP:zR89j1U9cUuVbawPXP Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 865.24 KB
MD5 9f676d541a88a63e4c0fcfbbb6b349b0 Copy to Clipboard
SHA1 02c876eb13716b8492147d492eb40318f66a5768 Copy to Clipboard
SHA256 f4dc955baaadeb662fc05812262582f4267d64fa27cc0c7f27a90ad115fef558 Copy to Clipboard
SSDeep 24576:HUE6+CcXJ4gxRxuTge6ferywhWWdIQ50+14vl8GP:pXd9pwhtd5h1g Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\setup.chm.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 65.85 KB
MD5 3fe518f401734e00823c8cb59552c5ec Copy to Clipboard
SHA1 90d17e201db829d44de26aa36aab65c7bd02bb3e Copy to Clipboard
SHA256 0bbeae761a30fe358380cc93a18ac0f2321b9f10b6448950f5ff1fc7aaa24a69 Copy to Clipboard
SSDeep 1536:+hUgBnUt4lfZBgollwnWUcshGbw5FOY0jH:+ltUylfRl6WUjdzOjH Copy to Clipboard
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.18 KB
MD5 cd8f2f1f93b18f36cbc474ab84f01a50 Copy to Clipboard
SHA1 f11c87f88f9f8bcb21c27c7186d3a84084f470cc Copy to Clipboard
SHA256 06b7538c5ddb495d57b667037c0638cb36321d32994068736ed180bf26045225 Copy to Clipboard
SSDeep 48:hFcT4j898uxieOkNcPxdBI+XKbceigvzBNcVJvm+53UiRlcque:rc8459km+Xoi4Fiv13UildZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.60 KB
MD5 c2f17e41c9fa73da2316e243b7f4ab69 Copy to Clipboard
SHA1 cbddd605ff602d674349f7eeac50c207a5bab7e9 Copy to Clipboard
SHA256 42888d4e3eeda7d5524402210abd77fc40b323d77d0b9783b39b1e9f5dcde03b Copy to Clipboard
SSDeep 48:uqShOUmmcalTzTRF8j7C1nmFLG19HdDBorHcDX3iDDcGcque:uqSh1ciTl11vVorHuCDDcGdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 32.48 KB
MD5 c12bef59ebf32652e6cb84e9a666691a Copy to Clipboard
SHA1 41956e1b76a4480d23aabe1209f683b5c901e53f Copy to Clipboard
SHA256 4dd5c93bf680344866f468abe684e513c9dfc154b58ddb07c8d6a068e703103d Copy to Clipboard
SSDeep 768:1n7/rlgr1DAUji8F+My/Wg92VKmomqN5c9uDJhubZ:RFgh1e8F+D6KmovTc9oja Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 26.79 KB
MD5 86e7b21dc207abe878196275b4062a3a Copy to Clipboard
SHA1 cbbda8fa440a52c904e7fc778ab781ddd64852b7 Copy to Clipboard
SHA256 82c722f2ef548d770db00ad0bbcaf5ece7f60481fd38fdbef40f68318c2215fe Copy to Clipboard
SSDeep 768:WYnugA7jCI0hA3MQ4k12QvAAivdnXUoKJ86k2t:T0CHhtFe2fAilnDgku Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\branding.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 582.61 KB
MD5 7d9185fd5d805788ba7c2b9c6e5c7bfc Copy to Clipboard
SHA1 bccc953f0f770813374837b6ee0ba29aa97fe4ca Copy to Clipboard
SHA256 c7769b46ec497c0ead33b3db592e4d4b553966f45e172367106de4a2c253d0a7 Copy to Clipboard
SSDeep 12288:Dzydu7IKqOmVnPnynqPjb2Th/HKPAdDoo2tQOzkDGhrJa+k:3ySIKqjRDjb8NKIdDzOzuIsB Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 38.34 KB
MD5 0174138c365fe3dce525161068b201f3 Copy to Clipboard
SHA1 da7a810b5e22df5547655058b4e918bc44162299 Copy to Clipboard
SHA256 cec7790a40b742172cd327c1ea29d0195b7a3cffb810da470386d52e09662bc4 Copy to Clipboard
SSDeep 768:IINFc2hMV4QYNQ3fy1YWb5O+H9Uj/Khfutyf82tCcA+jt8BnB79PmWI4yt:IKmBVS59C/6utyf8tcA+jt8pvPm9 Copy to Clipboard
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 16.52 KB
MD5 53022c80e4d6f552717866bde0ae32f4 Copy to Clipboard
SHA1 fdef44902db6999a910d62e7cb88420b3ee8eeda Copy to Clipboard
SHA256 428d23a6d136babc269dbdea8b032ccae11d20bada03f31a4604794af5e7c10c Copy to Clipboard
SSDeep 384:tCDK+tbHcLSOkUrsVWrzPjpMASWpiHVIzbfcrcBY81ZdZ:ADK6bHc5kU8WWDVIMOrX Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.03 KB
MD5 ffaf6e74d43bdba72370048bf78d160c Copy to Clipboard
SHA1 5915aa5517dfae25553c3f92522f66d4572ca81e Copy to Clipboard
SHA256 2d480b3d131a9183d5c05ac488695ddfd1e9a48d0b86c4011fcccd7ee0388ab3 Copy to Clipboard
SSDeep 24:APavACVe09chxOj4nJFhxi2FM9OY22Lmy9ilAoGtOnpO+VUR0l:AQVe09chxOcJnxg9OY2hy9waAcquc Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.54 KB
MD5 ec6e614494d5d2baba425516d97ba071 Copy to Clipboard
SHA1 7855a2653b0896c31186ce75cd4ed4f717bb35fb Copy to Clipboard
SHA256 9d2601994cdf2fe33be87c3f279c36a3a16dd2af1ca085c02277203007c24b57 Copy to Clipboard
SSDeep 48:OelpgdYGp5y8Tb0L+P/9P3HdcKbUEKnNlCCzgomYnKrgl50E7Byecque:OelpgdPoyf99bu39FJb7ByedZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Compressed
Not Queried
»
Mime Type application/zlib
File Size 2.80 KB
MD5 c280946cf8eb45a05a1a0216aa0f972e Copy to Clipboard
SHA1 b01b112dc142b8f7054c4fedd83eb7e0f7b4009c Copy to Clipboard
SHA256 6ade530fe19b9cae27a1768ef8da97d512f2461068182967caee771bd6e351af Copy to Clipboard
SSDeep 48:33X8KYYJ3Cy+AO6HSw6eyNTKqjqF0I2gcZrEllDtYM7CiVZb9uywX+x0PtDN2del:HMU32AO5wMNvS/2HZrcplZEM0PtDkdel Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.47 KB
MD5 af3dadad9a933b7a69be3fb73c6d5988 Copy to Clipboard
SHA1 8ea5038a9b8f89fbec9e7febfba4dae0f63a23cd Copy to Clipboard
SHA256 9bf88f9a2de455ee2317d5c3bd6366c90841186330082ff8c52e808429c3990f Copy to Clipboard
SSDeep 48:X9YHSzjUUkRrneb4w84YaqJYVbxchblJP4b/3z+ZezP4yG0Ydfonckcque:X9cS3ARrU4w84YwVuhR1cieP4yG0Ydfo Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 0.87 KB
MD5 2862968c37e9980e24921d7b5518c214 Copy to Clipboard
SHA1 1411c49bf8a89bead36b285db235d1d3ad2904c1 Copy to Clipboard
SHA256 a3932e48fc3a40bbe08f2302c14dcec06aff5366e7de1190a956b6481f95177a Copy to Clipboard
SSDeep 24:Mp60CBEMYhQy8dDoDiXqmKFmabQDV818rTVXygnz2pO+VURy:ipC2MYCd1fIZ8BfIcquy Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.63 KB
MD5 fac85c4021c4375d913332346b50c6b4 Copy to Clipboard
SHA1 63fa02c9280e88ede2e84cd10143a932c56441d4 Copy to Clipboard
SHA256 078abc42269e80b3a86163b478d022e65b58d22599c82c8fa9ef0d3f962327cb Copy to Clipboard
SSDeep 96:H92nYWza957RGB18sBvNsYkAvysQ9wtZI3AzdK4hjAEdt:ezadcZaYk4Qqt5DaEdt Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 dbf50a87cf036cd8b53319cbb1a5a5a5 Copy to Clipboard
SHA1 603bd1434f55124fb8ef7c6bf2a39ebabba31f92 Copy to Clipboard
SHA256 ecbd515c83a6e316227f17b0b46d92440dbbecc889baf42ef83cf4f39abf2b7c Copy to Clipboard
SSDeep 48:hJxEQ+3kBUEPv3Lgg9luPcuK0AcC+AhWecque:HiXkDPv7nlpv0DCvWedZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\OWOW32LR.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.54 MB
MD5 2f60bc4c9f30493535406110db115725 Copy to Clipboard
SHA1 bc9031e55b2c9df010fbf6f36f66db7ec225adda Copy to Clipboard
SHA256 9b5c5539786a65f9c1886fa0a13aad933d74afa49e3c82add08072a9021d8938 Copy to Clipboard
SSDeep 98304:zDMUwxyODPFhbY12HLodiF4+5riRrlFGW:z4UwVthio4xrXGW Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.36 KB
MD5 612e98c48e5b0dde45ef6826c33c2a03 Copy to Clipboard
SHA1 df4eb98afcb9ad605d06cbf6aded917d513edaaf Copy to Clipboard
SHA256 a3ee6b9c9317909b56a9fe2c78e3aa5d8832d562a218540a683a5563971dc4b3 Copy to Clipboard
SSDeep 96:GYDbyXampd2KYjgmMQCfjAfkjNPreWVz3rN7+Epdr:3/qRYa79jNPrx3Rdr Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.15 MB
MD5 f3d9896ec823b10f0655e4640b4e3ce9 Copy to Clipboard
SHA1 7be2c8c6d698534b05a8e2b2615f7edd89dc7ed5 Copy to Clipboard
SHA256 fb7d0cfc7e76407e659470bfd1d8c454f4b6560762cb7fccb86310ddc885327d Copy to Clipboard
SSDeep 49152:zDxL8QBonTex4S120ytJyIjdhquHC6dgKXb:zR89K1gKt6dgKXb Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 389199b0c29020c44e4c5a7635c2f04e Copy to Clipboard
SHA1 63e2785f34852e2eba7e4df2cf42ebaf16cadaed Copy to Clipboard
SHA256 dcc50dd45964299d7dc6fe3cacaee055802bbf27fca4be1b2ee53e3533eef1e5 Copy to Clipboard
SSDeep 96:R6+yIgSZlhg+YZHzzpXsmcNMFg3y17cTqwcScH6lmMZFSSNfHFdr:R6ol+Fzir8OyVFwbjbZYSNfldr Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelLR.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 2fb10a322517f7cbfb3a6cfe3f7ec571 Copy to Clipboard
SHA1 f50dbea0bf05e4a4f73abb265fef52fa43db4e07 Copy to Clipboard
SHA256 5ef870f132dab830dd5380a5f66f2db9ead790ee6610fc191c638c2aecd616a4 Copy to Clipboard
SSDeep 196608:6a8A7fKP0ReD0wXKLUEfRrDXP2ifogB2jHcSBLWiyvyWJRMLhdPWfi:6aRDKP0q0wM9JrL2ifJcjhW/6vL3Ai Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.14 MB
MD5 a2eb48274499a833149b152fd9aa6109 Copy to Clipboard
SHA1 ed9407654f08e844ea5eb685e1aa6c5281592d88 Copy to Clipboard
SHA256 94a447e8a3f149f2b73e474eda74b50e9ab8b028df48b129673378e0dc7b9ecb Copy to Clipboard
SSDeep 49152:zDxL8QBo0Tex4S120ytJyeil1f4zfNbw/IGAp3:zR89t1msV4zftWdA5 Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 94e32a48409c1edbefa89625df231f28 Copy to Clipboard
SHA1 5679d61a36d71fb297b99a6303e3aa416e5a468c Copy to Clipboard
SHA256 1f777e4b88438e4b292e7c4109d99968b69eb2995b60039c62bfe23280fa8f0a Copy to Clipboard
SSDeep 48:xUzBIvIdkMAHpGvQ7R7HzciM+/bAecquk:mSvpMAWQNHzcI/bXd/ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.23 KB
MD5 87532bd649be7ea20e2ff091df8e829a Copy to Clipboard
SHA1 7c460a82ccbff89dafd9a3ede4cd86b9b396e982 Copy to Clipboard
SHA256 3d37aaf907691958a45839a249d41f60dc83e996000b5b135d7f630f0a85587a Copy to Clipboard
SSDeep 48:RK9Y7PA5fT1KyfEKGOJsRlt1MQuR1CRJcNzKkDHBSLYA/P3cquy:RKugT1KJKGblt1MQuRAJSGagj//dt Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.60 KB
MD5 85753d8b5aa841421d6170de3aeb0c25 Copy to Clipboard
SHA1 cd9d0c659d6080498647a4e41b007f7740e0b46f Copy to Clipboard
SHA256 83662720631a5c200abafd35141c5f29c3f7aaedd8e7bdb0e1faa413a1106def Copy to Clipboard
SSDeep 24:EmBUgDFQ/pHwMFamHWeS/tSFeSEonwLllnjIVv+UjQgk2lXM6HpO+VUR6:xBepHw6am2eIScSEoWr0Vv+5g1tcqu6 Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.03 KB
MD5 e917caa77e729aa47703bd67caa22000 Copy to Clipboard
SHA1 64006bf57d5999ca8501f608186d8503d94fb9fb Copy to Clipboard
SHA256 4b1cd5e9fff5c4d0d0a5b94256855822910f3bbe52bbd31e0d9665c282e8ad55 Copy to Clipboard
SSDeep 24:h+cgwZ1d+T1ltWrpAJQ4LmpVNzbdqNyaLpO+VUR0l:h+cZ1Mripzsvcquc Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 65.85 KB
MD5 239d011cd94d2b5375a43b2647f6c30c Copy to Clipboard
SHA1 5bc2a9e884d9cd92ab8a30964f3360ae5056e61b Copy to Clipboard
SHA256 11c290afc255fd1f502e7e5a30cc03ef27e00aa8e5ecd8a3b25d80e9857be7f3 Copy to Clipboard
SSDeep 1536:qHOSeHxIIavxk+B4Dp8GQivJLm8+L3ie/hMh44KHxt:qHOmIIxv4Dp3QivcxL3gAHD Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\branding.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 582.61 KB
MD5 27c280ae20a88d6b023dcee08ab4a701 Copy to Clipboard
SHA1 4a272567fbb71a1ff79023bc5920846f4b8ecb3c Copy to Clipboard
SHA256 43ab1900850c94804ab361da3db5b9958a449d725dd6fdefa4fcb1f6ede46d67 Copy to Clipboard
SSDeep 12288:tT6rSb8GB6Pz2jxN34ryqu9UCLHHvD5lpBE3iF1Xi16vwhjJ/FmCb:tT6rkH334mqqUCDr5pPG64xVFmCb Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 b7da4d25699d20eac31adfa694507d5a Copy to Clipboard
SHA1 2da3a9c1a33affb7c7c24eab8542f8efb178e8e8 Copy to Clipboard
SHA256 66262af057ebfdbedb4bc136d62a08798dd461f020d0c96bd4b3a76f92fe47ab Copy to Clipboard
SSDeep 48:U5Z3hIdWdbm2NQKkquiVL8Cy5FCftBkRwqcque:U5DIdWdb/tkqJL8DSILdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\VISIOR\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 20.33 KB
MD5 187f1fd1753eb3384298881bc40e06d9 Copy to Clipboard
SHA1 b310cd205283918e4b81653a5248a31bf2366f37 Copy to Clipboard
SHA256 5f9d310e6fee8971b780860dbbd7d6323a624ca52f2daef882915ecfd5b66732 Copy to Clipboard
SSDeep 384:GN4AIvHg9KxozeJwylOVyADocOJZ+OO7Ifcp/psnnuFB32/XM4i8dZ:GmtPgPeWyQ7D/On+OaCnAA/28X Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 24.89 KB
MD5 abd5234ad2e8b0db21f72bcf24cfc37d Copy to Clipboard
SHA1 1add5cd17d248355197bea7afdf0c0dc38184ee3 Copy to Clipboard
SHA256 f42accd832039c00a26d37b08700527e78b26ae2b70bb521da6350107d6a5757 Copy to Clipboard
SSDeep 384:oV//N3aenJLXUHxmwyy53foVlpwuGvrTIDZYZ0zqndE3ifigrDRpmn4pZWdX:Y//N31FYJJSwu63Itlwd0mr6dZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 9.51 KB
MD5 bc184749ba51e73ea113ca3cf3e64b3f Copy to Clipboard
SHA1 4c4f01e9da1b81e41e2b5ca1b9dac330563d51d3 Copy to Clipboard
SHA256 0759d338fa3256fcf54df78aabd3a28890fd700183beb42ee72f14a28116edef Copy to Clipboard
SSDeep 192:09r1SWOFyJ/WkFcDWIDFYiUabv020s8qtGy/MZrtxHajAQ75eTK8dX:UOFEFcC+Yyjws8Cj+25eT1dX Copy to Clipboard
C:\BOOTSECT.BAK.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 8.25 KB
MD5 9a5042baea9eeff042a88cbb5ef43cce Copy to Clipboard
SHA1 b9e11a02f17bee0d5b9f3344e7b8ccbf85c4ea57 Copy to Clipboard
SHA256 4c7b7ab34392ad16198364d7f21b84001ed017bce91fc66c55e3224431b643c0 Copy to Clipboard
SSDeep 192:HR5fM52vqw+uoocbeoZzUr8cO45J78m4LzgXSm6RAnzdoAvdX:xRE2vqwHo1b6Hr5eBnRAnp/vdX Copy to Clipboard
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 20.33 KB
MD5 35d0ba60605e1ce9275c09fbb217ac39 Copy to Clipboard
SHA1 48cdbb56ef8deb4c0846765829b721636f438b97 Copy to Clipboard
SHA256 b18d5f7e88d5a6d3b0360bef4c70e5ad02fec59e39be00d1e748e9813755ed48 Copy to Clipboard
SSDeep 384:zpOl8h1oDtKzTkeHXGbtu1ZKdru90gKTnWqCoodR5js6yXC91dZ:Aah18tETkeHQtgUntDw3DyX8X Copy to Clipboard
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 16.70 KB
MD5 126f3362d073b8bbbec1f00227df450c Copy to Clipboard
SHA1 add773ba1003fca0750b251389b20b26dedccb80 Copy to Clipboard
SHA256 a31636d24fd7223ebedfc5f33b8c4741e8cb0a2f428e2184b8aa407a6ed99009 Copy to Clipboard
SSDeep 384:V836aUfe1rKptiEQwsaR2nPLcS6XNuviotuG6WhP0MnCsssdIqfitVUleIQdr:Vo63mR2iEAaKIS6Xovi+unSP9djfic6F Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.56 KB
MD5 e47b564bd86263155ae1598586659512 Copy to Clipboard
SHA1 9d873004081239659a90e1daf4fecd31d1e6e6a6 Copy to Clipboard
SHA256 a23dc97c98a5d92e3a2ffc824f223c2e778f4e1ae2177100f505ce94fdedf0cd Copy to Clipboard
SSDeep 48:lXjc1pyCzM6Oun8ee+f0vcxIuTWsJeAGu3mRcquG:lozM6Ou9flTWIeAGu2RdB Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 31.32 KB
MD5 d46e5bdc18e03ac3cfa3b58bd182536f Copy to Clipboard
SHA1 8c07b0cb3b5c13dc804fa41033c17a815af3f93c Copy to Clipboard
SHA256 0f3317b8e6d6e7a427a14bda21c8e1b83b92794380cfc925e78ec6567b56552c Copy to Clipboard
SSDeep 768:Ad8koS8QFMvKYHcEqp151YmmvBnEEVI575nRpC1Z:AOksKScEW6OYI575nRpCf Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 9.37 KB
MD5 1431c7bd379cabb6527da12087e4d8ec Copy to Clipboard
SHA1 18bf5f73d4a10b0e670924512ec0b278fab09474 Copy to Clipboard
SHA256 1ed6ea43a3802747b61afc151e7a69f4b88be2208f90efe52d1f5a3ab43a9947 Copy to Clipboard
SSDeep 192:Cu5alfbnb/lqyUyAZJnd7oe7pZiKh9xz4SefQibZHuEYkk4/dZ:Z5alfbnxTnAOe7pZLhSfQibcEYr4/dZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 20.32 KB
MD5 b16fb27a1a7d287ef011c70d1d3b8e27 Copy to Clipboard
SHA1 3c4738a5fd4c013fedc1c0356d4e6dbcf1639173 Copy to Clipboard
SHA256 b8883aafb8a0e68ba00e0b8af06b7dbfe120971ded0c34c5608dc42b6977d2b3 Copy to Clipboard
SSDeep 384:eG7gl5VnH0mzisfO8th9gBpxkiM74WwNMda1V161sprRpga5AjZhU3y9nL74iu48:18ZNzisfbgBpxkd74Wwycu16rRpL5AVi Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 42.50 KB
MD5 cec0cb4878867c041e1cf75c80d4072c Copy to Clipboard
SHA1 39bdb052e39506fa7d74b486c5204d207923236b Copy to Clipboard
SHA256 65db1c370f76418629950c8d1c9e4c029ca5a2c7a1bcca43b263de752bf38e24 Copy to Clipboard
SSDeep 768:YuPp8MBFn0oLC96dCHIe2bweE+vM5C7/QInE4IV9QAggN321BMvtteohvnId3vs9:tnO68TilhLQiE4M97dl21Wfwv81n Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.80 KB
MD5 0e0ef73a33b5f2ce6fe3e0bfe0549d1b Copy to Clipboard
SHA1 a71e8a2f21eb58e3fe3cbd18ad42e0c5c8e66460 Copy to Clipboard
SHA256 7fba145519566eea9b61bdc4b9962140b2bbcafd598238c34e37ed22fd314408 Copy to Clipboard
SSDeep 48:ZTMkvoa4VVKqTV4TtFgh2cFzy9HSiefEJScy0Mb6ItEpB0EhJ708ZVe/D0V1aAhX:ukvI2mV6/nyy9/Mcy0MdCpJ/7DMMhdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Visio.en-us\VisioMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 9.51 KB
MD5 41537d05e0f5b0f59d0349ca14a207cc Copy to Clipboard
SHA1 57f91e7b21ce81284b5e4e966210827ebcaf9fa1 Copy to Clipboard
SHA256 b0b1a8cb405be62b9a04bc640bb2596d8707bff644f8d5fbcb15dad1f01e42bf Copy to Clipboard
SSDeep 192:A0vTO6MrzQ9pdC/12168NhJBOVuPFOY0tbhuOQQVd5vdX:A0va64zCjz5IVEOY0t1rVPvdX Copy to Clipboard
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 5009ea9153f3ca3b986f7984f3cb04d2 Copy to Clipboard
SHA1 e6a78a5378cc753e76da345654dc61c94aee4e6f Copy to Clipboard
SHA256 1579a8a13ff54e2bbaa7c878fe871d0ab143fc103cd7f47de3602db6c32a61cf Copy to Clipboard
SSDeep 96:upkdCliFAWUVVwVVO/sQr7rbBokqsSQlFqbQGHVMfkYWjcTcSkdr:upkgl57wvOEQr7v6k8QlgdVMMYSJSkdr Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 32.07 KB
MD5 8c1a36aa88e261d3efb3d367b07e4867 Copy to Clipboard
SHA1 a6ad28ee00b3ecf63792f0ad60fbd9472f4bb963 Copy to Clipboard
SHA256 dc174635244201fb53fccfb18c0615072deb0f950a41242df8b157929e289942 Copy to Clipboard
SSDeep 768:WI7s5xttTXQ5yFwRLj1BSOORFDK4/qiY/pwidE8aaBgaaCCFKPlO5uYpLzZ:ns7XQqiSFDK4yiY/62BfCFUs5lpx Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.90 KB
MD5 47fbe67fc520380b9687e1a537784ed7 Copy to Clipboard
SHA1 c101774345cf973ff3612e90f085a760a27299d4 Copy to Clipboard
SHA256 9283268df918db43b8f09e5cd5aad97d1154c9cdc1d31fea2c4eda2379ec3339 Copy to Clipboard
SSDeep 48:YQRQxlt60om9lHPQoP/1o0BEUIwsgoWzUmJ/rIe4QKSPkaCgcquy:Yro5oFojw9o678e4p1addt Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 582.61 KB
MD5 0ae368e7e00fcded2d84189b1d7c516e Copy to Clipboard
SHA1 4bdd91ebb8a89374d75cdd4130b0d2d6aa056f80 Copy to Clipboard
SHA256 dbb0a04f622959d7ee3d4146d80e74e7a0afbb35073876be0aa40a15b1f0542b Copy to Clipboard
SSDeep 12288:ctyvUyoBTohW3rQbmEHBOP2VGkfqvpIUJJDv0fT+cV:pvUyoBUgEbpYuMkfqhDkb+cV Copy to Clipboard
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 923b77fbee59b12f2cb4275aaa349e16 Copy to Clipboard
SHA1 080fbf743f5c824a789fc0a8d383a51713ae294b Copy to Clipboard
SHA256 32573b1a034cf541fd8de9eaecf962d8977f7eea772216cace8bebb0b2e89407 Copy to Clipboard
SSDeep 96:2SGi0eq/QTs53qIsw69LinAGLixTJ6cfMLsqtbdr:+i0bGIsw6LitivffKsqtdr Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Visio.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 6.33 KB
MD5 f8f5b611e55830b180458d3c8ac43ad4 Copy to Clipboard
SHA1 4355506be7c1f6ffbbb97cc9aea875379004f283 Copy to Clipboard
SHA256 97e2890a611bec64c71b2fe8bc763f7ce91d2a1ca937a93027a122e303c98654 Copy to Clipboard
SSDeep 192:Vk5JKWuMOE8hLVtaaIwBV8wYZZDZgwuRUmdZ:VuxDiV8wY7ZERfdZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 3d0e1f18676626331ffefafe53b18248 Copy to Clipboard
SHA1 80d370bf723a4b00b769c1a7266d63de82280ab0 Copy to Clipboard
SHA256 9ceac29cec7a9772266c3c6ed68bc7f25dcb38c12c388fe9f21e58890e9cf26f Copy to Clipboard
SSDeep 196608:PFNUxdiOm1j3/abCsYwFOSQo2pWDOQs4hW6s63HS:qPmN3/abtYIQoROQ93RS Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.80 KB
MD5 e009947c1224d51ac1934449af1fb9de Copy to Clipboard
SHA1 915082fd1c41c4497a7ad2be16fad9aac7ca5fcb Copy to Clipboard
SHA256 e215ab9835cc516708f726c6d71160f852ad127f1cafd9863d1ec3e6453a430f Copy to Clipboard
SSDeep 48:rr16RVkG9TlPbbKIdDPwq2G3PIXBJxvaz2cque:rr868TJaaDPwq9P3z2dZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.60 KB
MD5 ce17c431da69beb8d629e607ebcb86ea Copy to Clipboard
SHA1 359974bdc861c3ba7e1ab987a1c6425d60d72755 Copy to Clipboard
SHA256 893ecaadfa063b1d4b4e343fbbd1f56a2ec8baf5ca50b3e099388dd474dc49b0 Copy to Clipboard
SSDeep 48:ER0Qf+syClgb8S7b9gkXuiJQtTSuA0XHRlKDhzS1K2WmVLKRk8/94OemLcque:ERYsyCl+z7byeuBFxXHX0o1gegkROemL Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 4.33 KB
MD5 48d6366954703db3195082d7a5361685 Copy to Clipboard
SHA1 a4279f4ce6b82e461fae6a0d137a3e952118e194 Copy to Clipboard
SHA256 f7160cab97ebca29c997dea385340c18e1bf491af84621919869a6422474a9d7 Copy to Clipboard
SSDeep 96:yjeDoLYq/lqw9LAhmbFv1VL6VvnWHKXC9WEWp2fhZpI6hrggvjSBV4RdZ:yEoLYWlqw9LAhmbFvbOvn64SWEWpo3LZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\pss10r.chm.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 26.79 KB
MD5 e4ebe66cebea0e0409deb8232a766139 Copy to Clipboard
SHA1 97242223b91b9e7318c61534e489a7fba314b1fa Copy to Clipboard
SHA256 e1ac70a7e48a7338a8321c3e30e14209862b73c2d937ec168773a0d3e9b2b0eb Copy to Clipboard
SSDeep 768:nXOlMaOAOgIIOc3fvoKCgjTl29mGBRytpPX0t:+ulw3fpAMZtNE Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 14.94 KB
MD5 d431e85a68670f5a15fbd33f2f847f1a Copy to Clipboard
SHA1 4934a89540f1d09c23fb86bb697005616373bedf Copy to Clipboard
SHA256 69f232c277a6b90a23b1d1c9bc78f922de313e1692d3760200f6c577d8325c6a Copy to Clipboard
SSDeep 384:ZnX6GGZGsEOcObt/Zrib9H52t7684n/5Tetw/eVD/9vOQUdb:pw0kZUHI1gey2B/QQU1 Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.78 KB
MD5 fa09cc57dc773cc1d28301104019dc75 Copy to Clipboard
SHA1 5dd9e294bbe8e4fb4edcee3ea22ef78bd7bb8c3c Copy to Clipboard
SHA256 c37cdbb85817bfcc6786bff42bbb36c716ff06d75a70e017c180b51b8a054184 Copy to Clipboard
SSDeep 48:Ro90Xc05LRoZoES1Atd+bB9JUFcM2NREQkiZheBbm4CKPcquy:QURns01DUFeNRJvhB7KPdt Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 f1f2f2442d25ed431ad4a55b30fd6744 Copy to Clipboard
SHA1 4354819ea5344e88b23cf7f0566d4d11290ae96a Copy to Clipboard
SHA256 e768904192cc05fb5d35520fc9e2979d9b66077e34f92ff59daa8fca733b6cc7 Copy to Clipboard
SSDeep 48:PXuyDhjE007iLeJMu2u5HSbUeoWDVj0u6cque:l+00UU5HCULyv6dZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 2fd91c43630e0fef2a653b23131f1db2 Copy to Clipboard
SHA1 50e5332212ae1ae15dc524364bfde41c417550e7 Copy to Clipboard
SHA256 9808ebfa0709b4327b977ba2e2aab12897c047ec047d70bcf7f267ccaefcc53a Copy to Clipboard
SSDeep 48:fLvg/33Tq0c8ft0iIdqfp8QPtSFmkTpddJyB4ZRJJrkQk2tycquO:fLg/33+0b2iqqfbFSkkTpM8b3kPdp Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordLR.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 4fb6c079967f604d4b8cdf477caf6de0 Copy to Clipboard
SHA1 a8777ca0e49e5d98d01a6b007c7b62b5dffb5b63 Copy to Clipboard
SHA256 9fac05c1ffc4b8060b0a5b942d35cc90c0bff012af1a00a6712c6d03018b083f Copy to Clipboard
SSDeep 196608:MaurJM4k8IMj3kMxfGbWaxJMKMA4JxuiNQG3A2r7rfiSFhysD8uxDxKj:EOn8IQkM2BFEx96G3AUf7FnzKj Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 69.80 KB
MD5 9faa87231770b373bf6273cfc4612bb3 Copy to Clipboard
SHA1 5390b232787aa39535a75fc279992716ae93bf99 Copy to Clipboard
SHA256 a39e9b9f3c63f5f26f589697b83b32b183d0cfd978c623cba4a9db1562f2f554 Copy to Clipboard
SSDeep 1536:zO9j6nUX4F59FyVl/nyi9FUYW3yezVDe5dTkrN:zONIFyzqkUHieJDup6 Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 848.75 KB
MD5 b8ea64d79c3ae41422173b97fe38db3f Copy to Clipboard
SHA1 7eb71e708cef87a52c6f4206583575f96d4acff5 Copy to Clipboard
SHA256 6717c12a795029ea0413f905404b2ae9bef78c3602e2bc8462b952c021a53d07 Copy to Clipboard
SSDeep 24576:JKynfy+y84iCTgX2kq+dCJZ82mJnrOImDptoO:Jffy8CTTgdUmIImDpl Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 4.33 KB
MD5 842f4c3ffaf4391d0890b48bd0acb9fb Copy to Clipboard
SHA1 a505ba8da2b8a4ad8bf18f081bdec649350ce47a Copy to Clipboard
SHA256 1426c8ef623f90718cbcfa2ed86b313f85d8ac2357413e1c9479d340fa95d6d2 Copy to Clipboard
SSDeep 96:qOCX0WclYbGlePs2IRkGFqnUzcruYcmXH1Psfrz15y/iKm/ZOGhdZ:ReORkGF3zONtlPe/58GhdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.76 KB
MD5 0b647497944446d70e4ae40a2bdc818c Copy to Clipboard
SHA1 7074631d53da8766d7e0e2cddcdac4ffa781da1c Copy to Clipboard
SHA256 f0ceedba9b780094265d867d97e510c7ca65d25a4c7c7fa1de9318b818aba32b Copy to Clipboard
SSDeep 24:lkZcyoJMhkRsOC9iUPvDBtfzRZ5OTSpVeqSytLbruv7I+PFWkfpy45zGdCAXxpOk:ll+CRvUPv9tvITSpH5eDFWkXFGDhcquc Copy to Clipboard
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 92b151c898476da232dc45a4d49ecac1 Copy to Clipboard
SHA1 87ac119e67359a1d78cad856d9cdbbe9f15ae12e Copy to Clipboard
SHA256 86d89a4b2e0017670d4a91d9c1752ce19c6ee35c19dd57bbc643adb83551e689 Copy to Clipboard
SSDeep 24:EQs+5xUZgLROl4d8bIMBPjz9HSQrk/egMHcFYVRDh/PTvqVeCspO+VURwn:Xs+3PLBd8bjz9HJzHcFYzhjqe5cquw Copy to Clipboard
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.07 KB
MD5 ce4bc0d29af8f73412bd050ffb8411b6 Copy to Clipboard
SHA1 317e6b4461b223088c620363ee0544e7e56cc5ad Copy to Clipboard
SHA256 8eaae8cfcf8c876b648467fc7fedb824f6ba485c661db542a4d3a84b11ac6c26 Copy to Clipboard
SSDeep 48:QinkmSiAKJp5Ig8sPYbCtMIsdgXBvQ9Tjj94sOfKAlMbE1qeDQeWT5cque:M0AUp5Ig8sg6MIsdcB+Tt4sOfKjbE1qT Copy to Clipboard
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PubLR.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 b061b7f342b46b54d2714e3a00e91251 Copy to Clipboard
SHA1 facc357fc5d0ddd18171b7df3e17ef08267e40e7 Copy to Clipboard
SHA256 c5880de46b487b5725f5fea148b1f20578f8be1e1f63d9abdcb0dca31d1e3ada Copy to Clipboard
SSDeep 196608:aPUvTYpH9RBl/tus7o4L7tZiTnp/jE4U/bxlLRx+BdZK:MUvTiNhU4L7tZiTnprP0txRsBPK Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 20.39 KB
MD5 827ff81c7498b79fab9f435a32b30c8f Copy to Clipboard
SHA1 1790f053019eeb87388ebff907a5f34b3e842b93 Copy to Clipboard
SHA256 787ebd6bf41b64830ff09313d74bcc281b3fda14a9383a51a06d10dd49e852cf Copy to Clipboard
SSDeep 384:hv9eYU8RLwASAqc4SZWNWR6WkA0o3PC2MTJ0zLnMfN+xb880Tf4L7dX:xvtwASAqcYPFAv3iTJ8nuagHuZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.04 KB
MD5 08e482e5f21061d1d91b050ff21853e4 Copy to Clipboard
SHA1 6471e47ea1a02c9f60b41d75fb6211a30ff41204 Copy to Clipboard
SHA256 7ad80276d202e3402778231625dea08c13ae6c352b8c27c11a375f8b49adc5ee Copy to Clipboard
SSDeep 48:j1ipLCfGk03F4APZCl5Cx9lzLTLRXF+ozldmGkAxdJcque:jCL5k014APZw5Cx9JL3R3ld0AJdZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PptLR.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 6b078cbccbab0d5edeaa1d85f11ba58a Copy to Clipboard
SHA1 66820f091ea72f244d2d2019748cbda0b7b9702d Copy to Clipboard
SHA256 7597007b7fd82fa6fc079ad255cc80561c20be4bc515df7968b4b0e377292774 Copy to Clipboard
SSDeep 196608:H4KKCX5FvaeoDcBdxmOJR7nxOKOmE7dzaNQwr:H4KKCX5FvaVczxmUJnYSE7dzAT Copy to Clipboard
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 8.76 KB
MD5 3d0e9755d407b4cdf9b434190d7532c1 Copy to Clipboard
SHA1 0772d33ee3e44ff9e305c31c4a1921575cae3d0c Copy to Clipboard
SHA256 780ce59eb4b0bf7c3c670abb96839ded24c77e5e1a8d38db994d2a1fff244a44 Copy to Clipboard
SSDeep 192:lGI/8jOHE983sGIXcsxpg898aK8zAwDB22rPdX:MlevIsfy33JrPdX Copy to Clipboard
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.14 KB
MD5 ae2e44521ec1d41632f274cdf9197a56 Copy to Clipboard
SHA1 bb1b635dd6fbdf3677badf694a4099f2a0af06b6 Copy to Clipboard
SHA256 8f57fa23973cd8b6f27ac09bb70d643572ffabc6625fdecffd4663c1e5ed0923 Copy to Clipboard
SSDeep 24:nzw8l51Xbx0PuiGNCc2OSFDU+amv0idGXeUGAoceC0L3pO+VURG:nkoLWWiYWFQ+amv5dxcerjcquG Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.16 MB
MD5 ad7e19a89dd09b06a3809e4357c32ec4 Copy to Clipboard
SHA1 03f0a5074b060593b5ff4b5b7be9ed3fb1c11ad4 Copy to Clipboard
SHA256 05ab5076fca24e4f079b937012ecbf49347cb3c1977b5c63c17645ca9bd064b1 Copy to Clipboard
SSDeep 49152:zDxL8QBoSTex4S120ytJylPOekwwFeKmVAfFq:zR89r1BOe39VAfFq Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 61eb209eb1ca9d896a5792528901ef64 Copy to Clipboard
SHA1 677dbfad8467408384f0d2aee7c8d74adb9d45b1 Copy to Clipboard
SHA256 11ccb0a9f64fd76a8f165f5350111ace923fc3ed22d748a175ac2995beb4e85b Copy to Clipboard
SSDeep 48:FfUayaMr2X3sG05IYaICm+m/kcmsFdnmMwTsHGRcque:FfUaur2X3sLnaIC3QasaKGRdZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 4b768f90274621e1be50df3a2ca83669 Copy to Clipboard
SHA1 672ee5444ac2515a462fb214ffb45283a5cfaa2a Copy to Clipboard
SHA256 23ff5b317007317062e7c1e52d16cace6dc922b890585c7b5dd650aa247787b2 Copy to Clipboard
SSDeep 24:rcGZ90FAXl9O/N5KFZHgjjV/W3mqwpmMQVKQS2s4YHpO+VURk:4GZ9MAQ/N5Ked/W2qKE3S2uHcquk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.76 KB
MD5 a9552f1e10d78b772f74d4695fb34b0c Copy to Clipboard
SHA1 2b11dd1798df147cde67e68df30fba3831683d49 Copy to Clipboard
SHA256 fec2c16b92761037200911b6a55a5ca6ccd7938b9a2ce72426d5de4c7015c7fa Copy to Clipboard
SSDeep 48:1fl6vzlaTOBkU/5zEVZ1ws69A8HsUImcquy:L0BNwJ6K8Hrdt Copy to Clipboard
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.04 KB
MD5 78e2c24df393ad5da5d4d8ab332590b7 Copy to Clipboard
SHA1 e64cde1430d7d1eb5c39f3e1ac8a6c533770801c Copy to Clipboard
SHA256 de66486e2c11d0c18e39156bb89b7c82b25f58135f8625b145470ffabd3ad4ac Copy to Clipboard
SSDeep 48:0naq7kxZEiY3XxuzAa6ZarFN06YZW0xIcoy9VGVF1o4InMI0m+cque:6aqonErEnFN0hMyOVFK4EMI5+dZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Project.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.07 KB
MD5 34f410c3b3f68aa5088586bc624e6c00 Copy to Clipboard
SHA1 02f0aae311721734dc2d74394089a1f88179123a Copy to Clipboard
SHA256 9bc22b75d5ef7de0d3d3e1edc451c872062732277d9325cd1199ef2915f70ff3 Copy to Clipboard
SSDeep 48:8TWZ5A0XcjoD+G4SXph4yFa/9X4+iv9Cecque:YEjRSGfX0jJ4xCedZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 d62e46cac6447441beeca198cecf8b5f Copy to Clipboard
SHA1 71569d99f54fcffa4973a812404e8340a769e0ef Copy to Clipboard
SHA256 bd330866dd2157c8110b3ce9ceb520ffecb6579584292bf48c1818eeeb99495f Copy to Clipboard
SSDeep 24:Zz2WwAX3MIWt7TN+qLDg6R4EzAJnWS2MIpO+VURk:Zz2dIWtoqLDLwf2zcquk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.18 KB
MD5 eb09c38e63ed1c0f6b5933c556ed3a71 Copy to Clipboard
SHA1 249df73bfc9d150173b65f3a89ac1288819dcd3b Copy to Clipboard
SHA256 7af659d8b6967f43508182bfaedec13cf8acc008b43962aaf90eda6885a66acc Copy to Clipboard
SSDeep 48:8xEkVD96ykyOUyQnO3c6IhAcCc9e+Lck7CCudvUKdzyccque:Wh5LOh/rig2Edv5ycdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.13 KB
MD5 6dfe81d0a1bd4125b80dea520c5bb06b Copy to Clipboard
SHA1 68fd871466b20f51daf6b7093188afa9299d3078 Copy to Clipboard
SHA256 2f0c975655f190cee05d176aff150b586a00c1fe9ae179f66e829ad210b10126 Copy to Clipboard
SSDeep 48:F/8dv727i4OH/erQz3X0LoI3F/K+bxsqakp6cquI:F/Mvqi4OH0Qz0kYKs/akYdD Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 26.54 KB
MD5 ffb15959e8b91a778d532d28647f3259 Copy to Clipboard
SHA1 45117a244d158e074e09f98988115b0644559c6c Copy to Clipboard
SHA256 d8f9b2a1fae676e94a2eb9d7f5fdf1e6cdc508888625e35ca6ff1ca4c51aedcc Copy to Clipboard
SSDeep 768:mfRMO+S87tDYk3XrDoI5/F1PqDXlnmqHxnXt:mZX+SKRPrP5t1PqDXQqHx9 Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Project.en-us\ProjectMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.66 KB
MD5 5ccd8638b77ad6d48aecfd3980ef5c6d Copy to Clipboard
SHA1 00f042687d354ec672306a166d5d7f24d9650a7d Copy to Clipboard
SHA256 f6cc81b275ed42a2142d3dceae0824cf12452325102a3dd17c91845a5ca1b525 Copy to Clipboard
SSDeep 48:25Q7aZ2yL0ffg2xbVEIA/TYtuOtuVA3A5SAcquw:2C77m0fg2RpsTY0Oq3dr Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.65 KB
MD5 d32f3b1b1e482f073413f5a3803ae109 Copy to Clipboard
SHA1 f3d1f6e37984dfdb90c242dfed8eac2f1ad7c981 Copy to Clipboard
SHA256 b149a95be490bd80233ce9dc05d2789a345817f026960b259187e36d208e8aba Copy to Clipboard
SSDeep 48:FG9qSPHzJgL3t8sgfNvhPlpzdlU1G3A6c+Rcque:o9qUHaL2sqhPnTU1z5EdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUSR\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 30.60 KB
MD5 4a29bb48de07290f6cab155eb4b1e5f9 Copy to Clipboard
SHA1 2989d1b4b268bce556b12cc4519a14e90bcfd4c3 Copy to Clipboard
SHA256 55cb59c46c88629ba2f114785ef7c69b2e1ef05fbf9fa17a02b3d4c22aa31752 Copy to Clipboard
SSDeep 768:CgNk43KKAU5lMhYcazS4d6V9fbWICCWMX:BVfAUfM9aPIV9DW5Cz Copy to Clipboard
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.65 KB
MD5 e607a2d10d754dbb541f153898d98211 Copy to Clipboard
SHA1 412a9575446fd701c4df0d690d6eca432ef1a68f Copy to Clipboard
SHA256 918095c44b16af046903a0acbed4677ffab174acefcc07cdd2976118ef883f54 Copy to Clipboard
SSDeep 48:/cPE0K8ixhS+IFlQfp2h/0EyKhHpvUbEjecque:EP0IFCy/hyKhHpcbEjedZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.85 KB
MD5 538614f550b980c284c6669bf3858aba Copy to Clipboard
SHA1 23ab97799f2b36336290968f3f04a2504cf927b5 Copy to Clipboard
SHA256 a274240aeca93ae8ff2566383d0168ec06556c9c9645195bbb580579ebe19029 Copy to Clipboard
SSDeep 48:tYJJrTvC7CTRgZQ8NV+IUudAhwMjhH+AVfLC4ZfsJ3Vk8Jb20/saEqwcquI:AnvTTSbNuudA2MTVZqO89j/qqwdD Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 8.60 KB
MD5 aa318c381fa72266e85ef282b3826bd2 Copy to Clipboard
SHA1 6c6d3c447d507bf4042eccb9571e3851e6fec770 Copy to Clipboard
SHA256 fc5e5d5b2b59556c9ce07ea76eb7edbcf4f20e7bb365e123cb82361480cc6ef6 Copy to Clipboard
SSDeep 192:AjKVfQCsEjAQklmG55BZ9mfHCmr1yMUantloXYfKi6sVudv:AjKV4C5Km0vmJLnuvi6sYdv Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 222.21 KB
MD5 b8831c518f8c20254fd788959cb8fc1e Copy to Clipboard
SHA1 ab12818fb1bdb5e56136cd1931283f58dcb7f821 Copy to Clipboard
SHA256 beba736d047fa83c5be6835f4a75f8cc0a575f78eb5bc269a86781117e21a149 Copy to Clipboard
SSDeep 6144:wcPiXL/5zUdvdJOrsEw9qOwSS9r1QDNt+65oeLF3ZTRwE:wDL/5UJdJzBq7SkiDLaqzVwE Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 42ac6eff5aa1dad153cb32ec3d616e43 Copy to Clipboard
SHA1 8d8693b1d4aa27f2f48345e6f2e760c5f205d163 Copy to Clipboard
SHA256 b8984acb419b90aab0f7fd9addaa90b10847e75aeaabfde74fc133085adf3455 Copy to Clipboard
SSDeep 196608:Yu6eDsIwHBL4B9lCzT2bOgcDuihGYrLpVUBJ/7HAFGtNy6aMhnRTU+:WqsIwHNB26gVE7e/7JNMM5RTU+ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.49 KB
MD5 394652636720bdb84361d57020596c91 Copy to Clipboard
SHA1 18c2a4342268444fc57465472c3593a40bc7a8d3 Copy to Clipboard
SHA256 9d8576b53aeeb31bedbd7c037772da1fe8b7d4919478a281c090a58f77141ef6 Copy to Clipboard
SSDeep 24:GjQpLxIxWvFjoslSAVdGB63uFIHHAmTpcEc+6bs8qwd2nka9Mkf+pO+VURy:PtkPAVddqsHAmTpcEc+6AVwcnXWcquy Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 19.56 KB
MD5 524db953ef17048e9408e98a959687dd Copy to Clipboard
SHA1 a12c5dfec86176525662523a6bbf3e5787757ba0 Copy to Clipboard
SHA256 fe5e452c60d71c518a247c2d82bb7b50d508bde09b8826c8b37b2a42a58e3cfd Copy to Clipboard
SSDeep 384:mRBa6DK5e8bfwyP782MJRSAF5j+ZBlpdd6keABywow2Kdi2rNRk0dX:mRBax5e0oL4U6pD/eYE2hRk0Z Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PRJPROR\PrjProrWW.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 6.51 KB
MD5 850ddc2b40828d963687b5fde20d766b Copy to Clipboard
SHA1 a0ba4855e6b91a0c7514d13b7f2c7dc50dbe70eb Copy to Clipboard
SHA256 34a5708954179841dd679f72b48ecb24dfeaf7ee2e545d73614f45203e01319e Copy to Clipboard
SSDeep 96:sJZthqYpT09mgMY6GDaBfdPUFrXemgD+71hSfJ7ZSPZpcVtqjro0Fue5bxg36c9I:chHumgcYU+pYxABqtqjro8ueM6frdB Copy to Clipboard
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 6.33 KB
MD5 3fc7d0b68452a4b37782f3b6ab9557cd Copy to Clipboard
SHA1 bf89bf16181b18e1107f7d9c867d40a39e6c532e Copy to Clipboard
SHA256 88ef946defbb25cef440973f7c2e8803f350fb06ecad549486b2b50c3a4bfd4c Copy to Clipboard
SSDeep 96:CKa3F36fEOWMOS+/OCTVzqkwMMNuLoT0Io/odtgdziEsBL4vIwi0dDOxnSFszZGM:YQxCTVmItEAl/oPMzVvRdD0ETgrXRdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.07 KB
MD5 4f8590e2e1c4064f2fefe9a7ba32c163 Copy to Clipboard
SHA1 6af5506eb96c3f88c71a837236b2214d16390dfb Copy to Clipboard
SHA256 943cf13e488e6c162fb1778cced1eeae790be0f60a7607611ab87981f0addb83 Copy to Clipboard
SSDeep 48:xTBM6lbPlMgDjgZY4aRMAjvxr5FHTUaXIPcque:xS6lbOJZSaA9rjUaXIPdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.14 KB
MD5 828c9571f0389f5b9426476e1d1aeaa3 Copy to Clipboard
SHA1 f35a0ecd18568c69680720580514d16153d956df Copy to Clipboard
SHA256 43b23bcb8dc028158d59a1b4b197eb108cc311fb3b7c7797adf2d96e5b953e35 Copy to Clipboard
SSDeep 24:wz3c5hi5Nh24xXCh4ljDz3erARIoCNIq344t57bQof0yFhXppO+VURG:wbcm5Nhjx5ljurAOxo4LbQ2hZcquG Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.81 KB
MD5 402a3fca6731e2017fc0f3a1600a38aa Copy to Clipboard
SHA1 da8cdc7d66e483b762e0a21ea1b0008bec32241f Copy to Clipboard
SHA256 c9f446e723b4767c5abca00bed9b2e1bab45f2fa7cdaeabd0d5ef3efbff48113 Copy to Clipboard
SSDeep 48:JWVVQmwJxJK9zVxiRdljK2EMR7v6i4zcquw:8VnpgZj73Ru9zdr Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 5.67 KB
MD5 6f4ad769646ae10ffe8f3c4dc204a94f Copy to Clipboard
SHA1 b4776d380ef3e3a5df58a9e3ef5bc98e71745338 Copy to Clipboard
SHA256 2ca1a305353cd8d48dd4f0e8d066547f3e52c8af19f5869128cced941756fe92 Copy to Clipboard
SSDeep 96:oLO1IGDA9Omb3uJqZg0+D0AKMNHly5mmZAUqyGBZD3/eVlV1Fbvmf/hz25htydB:7RD0Omb3uJqZ3+c5rGBx3g1JO0MdB Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.54 KB
MD5 7cbdb5f3c040a177ac97ebc2ad2a5028 Copy to Clipboard
SHA1 b18c22df3714c225ee57b17905b2dc8d2355dd99 Copy to Clipboard
SHA256 efb4ee9e9e1ea1080b7dfb2051a7c5f52b5f31f94a6b312c4cb1c408f39907f1 Copy to Clipboard
SSDeep 48:fnKQrUK8JDxvhgi9Zy9KBTeKMQy5/S7vKZqt3SdIpQxRSjb2CclXfZ5cque:fntUKkDxvhMYBTeKMQbKZqti0qXlXfZV Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.44 KB
MD5 c6562faea915b0ca18fa5ccb1df8dc30 Copy to Clipboard
SHA1 fa3f46c87e3229249ba82940ece0ec82925cbf2b Copy to Clipboard
SHA256 1bea1acd02c6c1c0d7ab6fe93b1b364a686e99b46213ceff51540dd9f6881e24 Copy to Clipboard
SSDeep 24:VUaQhUmfs49G82OEHCgKkplewPUyAcAUYFh7mhX4UpO+VUR6:VUaQhUmfV2OEiLocDcAUAeIUcqu6 Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PRJPROR\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 16.52 KB
MD5 c52bbcc8d099c0069a0f1b9bec87b5e4 Copy to Clipboard
SHA1 e68d7ffbe50787a6ad893e2a36683bd43a4d71ab Copy to Clipboard
SHA256 edf84735c42d4b852eec35202d3735d403c5e990e4fd856a362e21f0a5af936f Copy to Clipboard
SSDeep 384:8sb644zolo9VUcw6cx5HAtyvTsF90JVNRyWa7y++v395p8cEdZ:8sB7lo8ciHAMT+90DNFa5+vF8NX Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.17 KB
MD5 545e981e71ddf629d7af3cd39b767000 Copy to Clipboard
SHA1 fad60f4f02b5d3c42bafaef6bd77df86e046eb76 Copy to Clipboard
SHA256 3efbcaa669dcf1bfaec81596841f94bf91f244ccd36fa0c5aef352beecaaafa0 Copy to Clipboard
SSDeep 24:HptmOJQzbK9u80PnzffMWJPTxh+WR3nlIuSUswhmY+1unlpO+VURy:sz1TnLfMWJbx5RlIZUsxY+1ulcquy Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.15 KB
MD5 ff490be8e26833379d182bda7e447ce7 Copy to Clipboard
SHA1 15aca0361f39aebeb719db0efa657fbbbc480e49 Copy to Clipboard
SHA256 bff99c858febd2d0d2140c4f2d849855e18a54d6c0386db365a2f29f3d05dc17 Copy to Clipboard
SSDeep 96:SR8i9VQy1ub7p/H5ix/GfoFG2+JJJe2kSdt:mHR83p/HS+osldt Copy to Clipboard
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 30.60 KB
MD5 eee054a5d427e2ca16e3a92f2f7eca13 Copy to Clipboard
SHA1 d6adb301690d2db9732ab480904e25e0b6665fb2 Copy to Clipboard
SHA256 79a7d6475554b87363d489a85c5cc50319980ee65f56f298382b48ea50b364dc Copy to Clipboard
SSDeep 768:Ypy5d6jlnkkM1bYxjecEXnL5NhGXaBAtoTnKlaX:F6lnLEcxjextDGXaBAto+ls Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.99 KB
MD5 75e365f002c25d62c1f50d0a12ca4703 Copy to Clipboard
SHA1 debeb83ff545b27209d9c989f540ae2eb04ad27d Copy to Clipboard
SHA256 11260f718eb431d66f798f87814ca3ad8206e6562e5233f31e841ca8d948f5da Copy to Clipboard
SSDeep 48:SmdeHnz35BXDYRpRrUWk1C9fqcM9UGRcquy:SmdeT35BXD6pxsIQPdt Copy to Clipboard
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.81 KB
MD5 d990e6d7ca6553e67ce45a782f344ed5 Copy to Clipboard
SHA1 2fa14a5c96c0bad38ce0a13de10a208653a2170e Copy to Clipboard
SHA256 57f26587844905c7f8515cfaaa5ef09ecfde2995feb763c6cf56ecbff613fce6 Copy to Clipboard
SSDeep 48:mLVIdCxWbD3xofWl0jioD6GkOtKYOmLI0hirOLSeseqcquw:mLVED3xofm0mm62OEhikSJdr Copy to Clipboard
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.99 KB
MD5 bc43e934850e727d61a4b0a87cd8895d Copy to Clipboard
SHA1 ed4908e15bbca98cd6f92320b2e3485681ab7b28 Copy to Clipboard
SHA256 4e4ed9db96cbc87eaa7279a0acabb374a545f0041b50c46f0649786599aa2075 Copy to Clipboard
SSDeep 48:Nn1O9NvCwtyBwN6CLQlnzR9/JrZvhj7J4shuehcquy:3kNawtCwkTB/dPp9dt Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.47 KB
MD5 f0be608a7a07e1d5edc2e9cc22e3d574 Copy to Clipboard
SHA1 abde0c3c743732be97cd024edbf5c03422944392 Copy to Clipboard
SHA256 2ea32cca1cc16105a35ccc8f619738a1f6efc2952fc29ecb1ce52404a9d9a631 Copy to Clipboard
SSDeep 48:7xghNwzG6qopFhTh/MxVhVh0CLpT2MH+bnRHu+iDiZfOb3Br+cque:emXWxVHhVFKM8U+imZiRr+dZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.55 KB
MD5 6ddaef1bc60677fb18a1edc036ba4cab Copy to Clipboard
SHA1 1ff060748cb95c2c3a1f9b4e656603294953a951 Copy to Clipboard
SHA256 77a355d5ad7eebe60df195e2079e3d5883898f4be4e077d85661a96f63e58df2 Copy to Clipboard
SSDeep 48:EDTiRKVn5X15mPS6V3SbbigC7fH9Bcque:unLF6V3IQBdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 5.97 KB
MD5 28343a78ce194e04bd28309e9850bcb7 Copy to Clipboard
SHA1 48fd39c5eec1835d25cd1913a3cd5df7761a0a15 Copy to Clipboard
SHA256 30b57afbca044c1512c3acc125f5fa3d325d22905eb80665cf9a6bf11e901cb9 Copy to Clipboard
SSDeep 96:f+kbuECwIxTt31cfDoT7jcEvS/PEVTMrK5wCxi5cjiBy5fg/cGKke4Y5gVR8B2wy:f+kCEvIxTHAo34AsPENMKwuOYgWk5Ysf Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 11.43 KB
MD5 bf706aaf9a18fcf93971a7e6c2bd9f9e Copy to Clipboard
SHA1 335ccc805c2face8728904750d00884ceac11385 Copy to Clipboard
SHA256 294e5cd4cda04f5d076b399ed28e9ffca7d47d01864c57d24fbd41e52c75dc76 Copy to Clipboard
SSDeep 192:16KrcbkRUgwej4ycJamFxvI6OcPA2MeAmc+RWSjIAPprugCu8+Gy3mx6Kpdt:16KK5Ry6POcPU5mc+0S8MprFt3mx6KpD Copy to Clipboard
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.76 KB
MD5 a0bb777d2e54069770dbab7fd7ed6239 Copy to Clipboard
SHA1 f43b4b80eff36a16362f294f688215647695c787 Copy to Clipboard
SHA256 949f57f165d6176a3529b000155cc899f9f38fc9926224c7dfaeb54f44550ea7 Copy to Clipboard
SSDeep 48:oJgRNsiu5G5/miOL9E/wGswid8hNeXrg/tlg+e1cquc:oJgHu5G5uiORUwwimTecllgPdX Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.55 KB
MD5 6ca6da9bd4a3ab7762051e643a34bc56 Copy to Clipboard
SHA1 d6426b66ef3a7d687b6b6010f13fa11a9141d1b9 Copy to Clipboard
SHA256 20e6c526323095a6b7b59696ec68f735f1570a1c56399fcc4b13800111cff988 Copy to Clipboard
SSDeep 24:xLuSjtJd3w0NT3723xBcq1QBRe9/Iyigo3X/bp4m4nb1PUw907zlpO+VURe:USjTd3LpqjcOQB82Con/V4bqw0flcque Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\VISIOR\VisiorWW.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 8.76 KB
MD5 f2b055af7f1286878a295052f2af8e81 Copy to Clipboard
SHA1 a4bab7c26a3e6177cbadd7bc834c862c3bb0fbd6 Copy to Clipboard
SHA256 668a7a92560afc48e2343dadb35523d46fdf5c0f676ae48d96bf286ae07d03e4 Copy to Clipboard
SSDeep 192:iPw3lb1dF7u9g1G23cindFMvmp39fu7uYkYEbEdSo2CzIrudX:2OFuiZ9N9dIuYBaEdSo2kIrudX Copy to Clipboard
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.07 KB
MD5 c875e7b25fc5267b59519177e3754274 Copy to Clipboard
SHA1 31d34cd9ac5f9daa974f2ee3bbc93a6094acebd9 Copy to Clipboard
SHA256 90cdaee1970b84c82eafe77c2910363dd87e954be28cd1dd70c89665357c3abd Copy to Clipboard
SSDeep 48:jModBucGXBpFK3VLHHVCYLC9DvV/zqRlaHcque:wagTBpi7/Cpt/uRlaHdZ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 8.94 KB
MD5 3f2bc12b5d5140b3a761dc2d7d1ef061 Copy to Clipboard
SHA1 b7703160be70b432ad6f21aa6dfb056c7e3bf6b8 Copy to Clipboard
SHA256 67492885ae314ba5cb3fbf1be5c53185691ac5a36ea19fc1ab193a5a991a596b Copy to Clipboard
SSDeep 192:eZr1YTI+I1A2P7L4cda3pXcwkLq4ndlpeU0fDjgP93YDRGBnssh/DHfdZ:kZc2DL44yXch9dlpeUYjgP93YNGxsstf Copy to Clipboard
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfLR.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 06e69471c0bb81eb102e539f0a04490d Copy to Clipboard
SHA1 e0e8dbed58bcba38c03ab546d7753d1f973df44f Copy to Clipboard
SHA256 b53484f0eccebe76bbdf0262097d8f747d5a05d0e569a544452eb328aada91bc Copy to Clipboard
SSDeep 196608:iaDH9F7/iHXDI2CPKBUq6qMuGm9vqExoi93nnedBwzSlmKwDhANZbPhn:DDdFDX2J5uuGyCfi9uIQmlANRh Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 855.24 KB
MD5 61e460ecf564ceb636ef7c375f3f3378 Copy to Clipboard
SHA1 6dced34b90421c3e90d4456a16de7bfb6b8859e8 Copy to Clipboard
SHA256 da4896fa286ae6a6cc36281b047177bfcc68a34fe5a2d4ab76e486514eb2a70e Copy to Clipboard
SSDeep 24576:FULuOzYcNWaUHLqKByK0lZo5M0woxlj5y:qSIYUWaUHLqKBFIZGjwobFy Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.80 KB
MD5 afe952b6747c3f2ecc7aa3a7033c88cd Copy to Clipboard
SHA1 bc7d0b8a8e2737d318f200e9dc9592fefb0d9c8d Copy to Clipboard
SHA256 33bc7b86d42ab7a884fd31e7154a13896e35c644ea042c3b3bc959b1babd3807 Copy to Clipboard
SSDeep 48:8NUfQX7rdMjxdz0gaPOylwvLAAmzBIwxcque:BfQXGdQzOylwvsAwBVxdZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 853.75 KB
MD5 6676f9cf66e9f01f03dc183ca9086533 Copy to Clipboard
SHA1 ad6099eb925e4f8631a89cbe45b6b25df492ea0e Copy to Clipboard
SHA256 dd59657f4297f3854de3aa7fc31701b589a4275e759df900e704ab2470d1599c Copy to Clipboard
SSDeep 24576:rVo8HXq5/RWiNoGLXGQqrhMBj8tIPEPJO:rb65VoWj8tmwO Copy to Clipboard
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 4.42 KB
MD5 967b5471edbcc8d0933a3f5bf16abeb1 Copy to Clipboard
SHA1 fc80bb1055659ec6e3b3cc632afd9f31d27d12a7 Copy to Clipboard
SHA256 5b643ab0e6816188b07e25c459d07ed2240aa177075d8b2c1fad5271c35d6dc0 Copy to Clipboard
SSDeep 96:SmmAF0y47fGsgIZdG1kC3H6x51gJ71FLG3Ip0QfV0XkkLZrGSnfj9dr:DmAT4TGWZKH3H6xUhF/PfVfLSfpdr Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 29.46 KB
MD5 0fbccf38b1e190ecc682e11430d0a3ee Copy to Clipboard
SHA1 9ca1e8186a35495a1a56683f3423260f1a29672c Copy to Clipboard
SHA256 12ed9c76f16fea9b27e0ce78cd6a747358a07b64e1f7e271cfd76e687b7d81bd Copy to Clipboard
SSDeep 768:+2k4GZlvp0QUDecwQ4VyRHY5J/szdyuoCFifY4e2dSeZ:+V4Kl4ecwxoqURyuo2INSK Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.56 KB
MD5 17ee56db0dd8b800f97029df9b42694a Copy to Clipboard
SHA1 3f6b820153273a59298c72cb5ecaea108d689626 Copy to Clipboard
SHA256 4f35f75ebdb7ef444ff91373b6d840a403685d050cfe244071dbd3a4ac459148 Copy to Clipboard
SSDeep 24:kbtwwqIBk1ta2PrynYwhLwW/ndDjbZd1zP2Kbvi9rV2RMUuH1F7+WSeCIpO+VURG:kzqIByenYowwdD5s9h7H1FMehcquG Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 5.97 KB
MD5 a9588595aff6dac1155fe15eb24269b7 Copy to Clipboard
SHA1 dc70ac6ea223df491d9b557671dd7768dbd75d76 Copy to Clipboard
SHA256 2cd101439e5c657a6315a755957da75d9b5cad5778e8e5276568db0fb60c1ade Copy to Clipboard
SSDeep 96:MkoxvYID+S2FZhFlKof/ED8S7uPGnIPySycd/6w00dmxrALMjvE7DbOYPPazQ3kV:Mxvn+SshFIo3EDv7u+n2yS9cGmxrq6E0 Copy to Clipboard
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlkLR.cab.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 10.00 MB
MD5 0132354deb06c352353675fce278a129 Copy to Clipboard
SHA1 82f447263c0d4d83d398af15034413083edcbc35 Copy to Clipboard
SHA256 8e5451128ff68d309300dd54c2a3bb83f196e6fefb39f1e8d6b7c24b8a6f7307 Copy to Clipboard
SSDeep 196608:TIwm3nNVAl+ig71eZ8FclBElWHEbyLbyo9crpLlR8ioLO0ZF9CrpbQ:OL71eiFge/GHyo2rpLkcoCrpbQ Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 3.03 KB
MD5 57cac533146769cbaf39c9600de78716 Copy to Clipboard
SHA1 092fc6b4074289c235e3062d733de95f8ad7285d Copy to Clipboard
SHA256 ac90e56104bd51cde1146cff9e6f2483f067448fa8300fb03d977ebb20c436e7 Copy to Clipboard
SSDeep 96:JMq0PJQuDVqJ8gyAxB/US5kHG64pavvUvTOektTdt:c5DEOgyAH/n5km6YaHGadt Copy to Clipboard
C:\Boot\BOOTSTAT.DAT.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 64.25 KB
MD5 95b45ee54f808b8c4f252dbb6096e966 Copy to Clipboard
SHA1 9003ef375eb85ed7ec7541c126d98f93d6db39fe Copy to Clipboard
SHA256 7107eb968f9c1917994eb0e4c214341c41e75ce50dbc8aa79b8a3c3a09d72fa3 Copy to Clipboard
SSDeep 1536:87Cjsdqu2wGOFCAhBzHSKKo9Uv1u5GMaon1z5nbddvFw/UbtRjlG:8GsntVCszyKWNubV1zZdd3E Copy to Clipboard
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.xml.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.05 KB
MD5 5b54cee3cf2c9f66189ce542d8fef41d Copy to Clipboard
SHA1 6abe3b3fe8cf193bfd08fff91907e0e8c793d347 Copy to Clipboard
SHA256 1eedbb0cc7214909b939a7a4b32b073e3dfc2d2070cdb02cd39d238cabb668e5 Copy to Clipboard
SSDeep 24:n/quzPWI3PTjdjRcGnss8AKOZlgRZ8ITeYgp3WS2s/kHpO+VURk:/3jrjhSP8Wk28kHcquk Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.TXT.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.13 MB
MD5 1b790958b7182a52f42c1b89617d30a8 Copy to Clipboard
SHA1 049608317f58ff670740f1a9281814f47ee208d7 Copy to Clipboard
SHA256 3eebf15148a1565b5cf6c9825e8accafe7bbdb897cc30bbd162b90471ed66ee8 Copy to Clipboard
SSDeep 24576:U2taBoPIBIDUhsHwyfzTSAaUiDYRpuPp6umflq5RSh83BUWj6clXArkeS:UiCT5mwyfShjYsPp6umflq5CUBxjRteS Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.35 MB
MD5 222d33bd1feca6c28de9034624f47ba1 Copy to Clipboard
SHA1 7d9018a7af2193db69d26304f3f1f7bb3706ccc4 Copy to Clipboard
SHA256 5a0d316314bd3648d47bb6b9621a866c2c5614a1dba668bed6beb46d67d3a615 Copy to Clipboard
SSDeep 49152:R0opH/cgHa3HRxz+4gAUOK1J6R1KYJEVhaZ:R0op1Har+kSjWZ Copy to Clipboard
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.msi.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 860.74 KB
MD5 27f39552fac73116ca9328c34a59c1cd Copy to Clipboard
SHA1 6eeb0aec34b5d9a9407684f8e5307b5e976d777f Copy to Clipboard
SHA256 1c002e4664c8a37486363ab08ef4c8893071ca4d1d6cd3c4e7b75c60c7e84491 Copy to Clipboard
SSDeep 24576:GWgmiPlc+woN/wDD/kn359ax7akJhsAqFtgEBF/D:GLmyc8/u/6p9U7XHWthBd Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\PREVIEW.GIF.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 2.12 KB
MD5 0e7e02bfc26834bf92bebc3b73c4de30 Copy to Clipboard
SHA1 70c7e956635a0ba9339ed9b5e142f48221bbd7b8 Copy to Clipboard
SHA256 1ad7a66ddc221d0d289f0aff3f85ee2fe2548137afc588b1146ca8abf8e6a3c5 Copy to Clipboard
SSDeep 48:F5VYokuh+i4UV/UzuaDbYpUHxVM8OqLi9Jcquy:escyWYEIp3Xdt Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 1.88 KB
MD5 53170f14c73eef14a2e488e0a5dd0301 Copy to Clipboard
SHA1 207c85784c5dfddb208e948c21ea136d40de2196 Copy to Clipboard
SHA256 24445f321d34eff900cd5bd670680a8f1a6c402b8fbecef773457a0ebdd1237f Copy to Clipboard
SSDeep 48:9QTskvuizJ6DxgMC5HOQhSX+09m3k/ycGh2oVuJ5L+OInkycquAl:isklzJ6lOOX+Em3eDLyOIRdb Copy to Clipboard
C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\THMBNAIL.PNG.id-9C354B42.[GetDataBack@fros.cc].gdb Created File Stream
Not Queried
»
Mime Type application/octet-stream
File Size 28.17 KB
MD5 79f6bcf67d8a87aca91a20accb501215 Copy to Clipboard
SHA1 2380b4cd92aeb6e48d7e215ab21038db7d6dad20 Copy to Clipboard
SHA256 8275366e25f01e2d5c77cdcddb7ee4e9c43b6b2b23d03968dbf96d29a7bdafd9 Copy to Clipboard
SSDeep 768:UrGM1yJ47jKJmtKMHHOEgkharZg82YT9Cg0Z:UK2vduz9XTQgA Copy to Clipboard
Function Logfile
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
Before

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
After

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
Screenshot
Expand-Icon
Exit-Icon
icon_left
icon_left
image