Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 96
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Run with higher sleep bypass
|
IP | Country | Detection |
---|---|---|
96.7.0.0 | United States | |
82.10.0.0 | United Kingdom | |
8.7.0.0 | United States | |
Click to see the 23 hidden entries | ||
116.7.0.0 | China | |
68.7.0.0 | United States | |
236.6.0.0 | Reserved | |
136.6.0.0 | United States | |
200.18.0.0 | Brazil | |
84.7.0.0 | France | |
180.6.0.0 | Japan | |
100.7.0.0 | United States | |
172.6.0.0 | United States | |
204.6.0.0 | United States | |
174.138.33.49 | United States | |
232.6.0.0 | Reserved | |
208.9.0.0 | United States | |
4.7.0.0 | United States | |
112.7.0.0 | China | |
24.7.0.0 | United States | |
64.7.0.0 | United States | |
80.7.0.0 | United Kingdom | |
144.1.49.1 | unknown | |
176.6.0.0 | Germany | |
101.69.85.108 | China | |
20.7.0.0 | United States | |
248.6.0.0 | Reserved |
Name | Detection |
---|---|
https://174.138.33.49:7080/tem | |
https://174.138.33.49/T | |
https://174.138.33.49:7080/944 | |
Click to see the 48 hidden entries | |
https://174.138.33.49:7080/x | |
https://dynamic.t | |
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r= | |
https://%s.xboxlive.com | |
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v= | |
https://dev.virtualearth.net/REST/v1/Locations | |
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v= | |
https://dev.virtualearth.net/mapcontrol/logging.ashx | |
https://support.hotspotshield.com/ | |
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r= | |
https://www.disneyplus.com/legal/privacy-policy | |
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/ | |
http://crl.ver) | |
https://dev.virtualearth.net/REST/v1/Routes/Transit | |
https://disneyplus.com/legal. | |
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen | |
https://%s.xboxlive.come | |
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r= | |
https://activity.windows.com | |
https://dev.ditu.live.com/REST/v1/Locations | |
http://help.disneyplus.com. | |
https://%s.dnet.xboxlive.com | |
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/ | |
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r= | |
https://174.138.33.49:7080/ | |
https://dev.virtualearth.net/REST/v1/Routes/Driving | |
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx | |
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/ | |
https://t0.tiles.ditu.live.com/tiles/gen | |
https://dev.virtualearth.net/REST/v1/Routes/Walking | |
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n= | |
https://dev.ditu.live.com/mapcontrol/logging.ashx | |
https://174.138.33.49/ | |
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/ | |
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r= | |
https://dev.virtualearth.net/REST/v1/Transit/Schedules/ | |
https://www.tiktok.com/legal/report/feedback | |
https://www.hotspotshield.com/terms/ | |
https://www.pango.co/privacy | |
http://www.bingmapsportal.com | |
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/ | |
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx | |
https://www.disneyplus.com/legal/your-california-privacy-rights | |
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r= | |
https://dev.virtualearth.net/REST/v1/Routes/ | |
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r= | |
https://dev.ditu.live.com/REST/v1/Routes/ | |
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log? |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk |
data | # | |
C:\ProgramData\Microsoft\Network\Downloader\edb.log |
MPEG-4 LOAS | # | |
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db |
Extensible storage engine DataBase, version 0x620, checksum 0x9fe2e37f, page size 16384, Windows version 10.0 | # | |
Click to see the 13 hidden entries | |||
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm |
data | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_MIp_773949b15a9dc27bfcd3f791ccbc8dda8da3511_ceeedb37_0e0d5ce9\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_MIp_aa8bb9fdf8d32e2840ca8df43968d536d04b9a9_ceeedb37_07895910\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER31C2.tmp.dmp |
Mini DuMP crash report, 15 streams, Fri Jul 22 21:11:02 2022, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3A8C.tmp.dmp |
Mini DuMP crash report, 15 streams, Fri Jul 22 21:11:04 2022, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3DB9.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3FAE.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER43B4.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4675.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 |
Microsoft Cabinet archive data, 61712 bytes, 1 file | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 |
data | # | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp |
ASCII text, with no line terminators | # | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log |
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators | # |