Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
185.252.178.63 | Germany | |
162.55.60.2 | United States |
Name | IP | Detection |
---|---|---|
showip.net | 162.55.60.2 |
Name | Detection |
---|---|
http://185.252.178.63/loader/uploads/inf_Hpgwbzkt.bmp | |
http://185.252.178.63/loader/uploads/Arwiw_Xnqfdlpv.png | |
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search | |
Click to see the 27 hidden entries | |
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
https://www.nuget.org/packages/Newtonsoft.Json.Bson | |
https://www.newtonsoft.com/jsonschema | |
https://www.openstreetmap.org/copyright | |
http://schema.org | |
https://search.yahoo.com?fr=crmas_sfp | |
https://ac.ecosia.org/autocomplete?q= | |
https://api.telegram.org/bot4(SpawnProcess) | |
http://james.newtonking.com/projects/json | |
http://showip.net/ | |
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command= | |
https://showip.net/?checkip= | |
http://showip.netxhttp://www.mediacollege.com/internet/utilities/show-ip.shtml__vbaLsetFixstr__vbaFi | |
http://upx.sf.net | |
https://www.newtonsoft.com/json | |
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= | |
https://search.yahoo.com?fr=crmas_sfpf | |
https://unpkg.com/leaflet | |
http://185.252.178.63 | |
https://showip.net/ | |
https://api.telegram.org/bot | |
https://www.google.com/images/branding/product/ico/googleg_lodp.ico | |
http://185.252.178.63/loader/uploads/inf_Hpgwbzkt.bmp)Acugwsmmzufefycomfxvihl | |
https://duckduckgo.com/ac/?q= | |
https://duckduckgo.com/chrome_newtab | |
http://185.252.178.63/loader/uploads/Arwiw_Xnqfdlpv.pngP/r/ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\BPL_1000572_007.bat.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\Wthdlxoyqvnqsfcfiinf.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\fireless.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
Click to see the 13 hidden entries | |||
C:\Users\user\AppData\Roaming\note\pdf.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\note\pdf.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Wthdlxoyqvnqsfcf_ec9af89a7aba5095a1b9163a261854dde92db_1f43b382_1621c52a\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8A92.tmp.dmp |
Mini DuMP crash report, 15 streams, Fri Sep 23 15:01:48 2022, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA781.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA9A5.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_m4mju5by.ked.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w45iylbi.unn.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Roaming\A1EB3E3549D5FF0555D7\LoghemosideroticdJPxvxBPhxRvFDWcDVPhPZaUIGIDQLVJwWmvfjYBsLDUhypometropia |
SQLite 3.x database, last written using SQLite version 3038005 | # | |
C:\Windows\appcompat\Programs\Amcache.hve |
MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve.LOG1 |
MS Windows registry file, NT/2000 or above | # |