Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
IP | Country | Detection |
---|---|---|
136.243.86.20 | Germany | |
162.159.129.233 | United States | |
109.206.241.81 | Germany |
Name | IP | Detection |
---|---|---|
pkusukoharjo.com | 136.243.86.20 | |
cdn.discordapp.com | 162.159.129.233 |
Name | Detection |
---|---|
http://109.206.241.81/htdocs/zTALg.exe | |
https://pkusukoharjo.com/giving/qGTGx.exe | |
https://pkusukoharjo.com/ | |
Click to see the 16 hidden entries | |
http://crl.entrust.net/2048ca.crl0 | |
http://109.206.241.81P | |
https://secure.comodo.com/CPS0 | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://ocsp.entrust.net0D | |
https://cdn.discordapp.com | |
https://pkusukoharjo.com/giving/qGTGx.exejjC: | |
https://api.telegram.org/bot5520247480:AAEoBq-eVV-KfON2FKSf_2riekCozVDdnus/ | |
http://www.diginotar.nl/cps/pkioverheid0 | |
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0 | |
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0 | |
https://cdn.discordapp.com/attachments/1001850193580392480/1002961152617222144/seven.dll | |
https://pkusukoharjo.com/giving/qGTGx.exej | |
http://ocsp.entrust.net03 | |
http://crl.entrust.net/server1.crl0 | |
https://pkusukoharjo.com/y |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\qGTGx[1].exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\jhghyftvgyjhjhgjhjhggfresewdxrcnvfhgfhggfrtreaebvcnbnc.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\Desktop\~$Contract - Wipak Oy.xlsx |
data | # | |
Click to see the 3 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\84E7CB3E.png |
PNG image data, 410 x 243, 8-bit/color RGB, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_powershell_ise.e_21ed43beb8f55ccf28a91ce407abfb7d5b6e611_02d11d32\Report.wer |
data | # | |
C:\Users\user\AppData\Local\Temp\WER1334.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # |