| description | ioc | process |
|---|
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\WidevineCdm\manifest.json | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\Infragistics2.Win.UltraWinTree.v8.1.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\hprof.dll | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_sendforsignature_18.svg.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\nls\sl-si\ui-strings.js | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_12.50.6001.0_x64__8wekyb3d8bbwe\AppxMetadata\CodeIntegrity.cat | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Common Files\System\Ole DB\es-ES\sqlxmlx.rll.mui | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.25\cs\System.Windows.Forms.Primitives.resources.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\apple-touch-icon-114x114-precomposed.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\OneNoteVL_MAK-ul-phn.xrm-ms | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_proxy\identity_helper.Sparse.Canary.msix.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-timezone-l1-1-0.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-handle-l1-1-0.dll | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Licenses16\PowerPoint2019VL_KMS_Client_AE-ul.xrm-ms.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\editpdf\js\plugins\editpdf-selector.js.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\task-handler\js\selector.js.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\mip_core.dll | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.0\System.IO.UnmanagedMemoryStream.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\Unlock.White@2x.png.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.12548.0_x64__8wekyb3d8bbwe\Assets\ShareProvider_CopyLink24x24.scale-200.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\System\msvcp100.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.25\cs\System.Windows.Forms.resources.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\HxCalendarAppList.targetsize-40.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\nls\fr-fr\ui-strings.js.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\SharedPerformance.man | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\clrjit.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\DCF\SyncFusion.Core.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\api-ms-win-crt-math-l1-1-0.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\TEXTCONV\WPFT632.CNV.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\8.0.0\ja\UIAutomationTypes.resources.dll | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-16_altform-lightunplated.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\mashupcompression.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\QRCode.pmp.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.resources.dll | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vreg\proofing.msi.16.en-us.vreg.dat.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\RTL\contrast-white\SmallTile.scale-125.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-crt-string-l1-1-0.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\PresentationCore.resources.dll | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\salesforce.ini.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\exportpdfupsell-app\js\nls\de-de\ui-strings.js.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer-select\css\main-selector.css.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files\Microsoft Office\root\Licenses16\ProjectStdR_Retail-ppd.xrm-ms.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\api-ms-win-core-processthreads-l1-1-1.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\javapackager.exe | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Java\jdk-1.8\COPYRIGHT | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\s_filter-down_32.svg.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\1.3.147.37\msedgeupdateres_bs.dll.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000018\cardview\lib\native-common\assets\cardview-flag-dark.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\ca-es\ui-strings.js.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\nls\root\ui-strings.js.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\forms_super.gif.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\progress_spinner.gif.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsFeedbackHub_1.1907.3152.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\InsiderHubAppList.scale-125_contrast-white.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteSectionGroupWideTile.scale-200.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\FetchingMail.scale-150.png | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\progress_spinner_dark.gif.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\core\dev\nls\nl-nl\ui-strings.js | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File created | C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp3-pl.xrm-ms.id-585F9D2C.[itteam122@aol.com].ROGER | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
| File opened for modification | C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf | 0f2c4685932a74e8a7bd4733ceea0fcc.exe |
