Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
IP | Country | Detection |
---|---|---|
198.23.207.54 | United States |
Name | Detection |
---|---|
http://198.23.207.54/shp/doc_200.doc | |
http://198.23.207.54/200/vbc.exe | |
http://198.23.207.54/shp/ | |
Click to see the 4 hidden entries | |
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip | |
http://198.23.207.54/200/vbc.exehhC: | |
http://198.23.207.54/200/vbc.exej | |
https://api.telegram.org/bot1900392974:AAEB_yGGlWksNcNC4Dg08OgUSlmDON2w098/ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{61C0FE69-632E-42B0-9EAB-CB8720AB2605}.tmp |
Composite Document File V2 Document, Cannot read section info | # | |
C:\Users\Public\vbc.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\694BA9C1.doc |
data | # | |
Click to see the 22 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\doc_200[1].doc |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\vbc[1].exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{ADD09414-4C0B-48D8-B1C9-FBE697880796}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-{32AF6775-ED8D-404B-A66E-CD25BD6BBD8D}.FSD |
data | # | |
C:\Users\user\Desktop\~$HL_AWB.docx |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\shp on 198.23.207.54.url |
MS Windows 95 Internet shortcut text (URL=<http://198.23.207.54/shp/>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\doc_200.doc.url |
MS Windows 95 Internet shortcut text (URL=<http://198.23.207.54/shp/doc_200.doc>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\DHL_AWB.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Mar 8 15:45:53 2022, mtime=Tue Mar 8 15:45:53 2022, atime=Fri Aug 5 22:36:11 2022, length=73762, window=hide | # | |
C:\Users\user\AppData\Local\Temp\{4820A152-87F7-4CDD-BC04-BD9F9E14497A} |
data | # | |
C:\Users\user\AppData\Local\Temp\{3AB18AF9-D831-436F-81B4-5DCFDD3A591A} |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8E9606C5-2F7B-41CF-A346-056DD4AB9308}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{88266991-B66B-4B67-A090-087BD104DE9E}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-CNRY.FSD |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSF-CTBL.FSF |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\67C004A6.png |
PNG image data, 731 x 704, 8-bit colormap, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\4C4AC313.png |
PNG image data, 731 x 704, 8-bit colormap, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\125384CE.emf |
Windows Enhanced Metafile (EMF) image data version 0x10000 | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{F4637C4C-84C5-48D5-B5F6-DBF781800F91}.FSD |
data | # |