Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
Name | IP | Detection |
---|---|---|
api4.check-data.xyz | 0.0.0.0 | |
files.testupdate.info | 0.0.0.0 | |
www.testupdate.info | 0.0.0.0 | |
Click to see the 3 hidden entries | ||
env-3936544.jcloud.kz | 185.22.66.105 | |
d1u0l9f6kr1di3.cloudfront.net | 108.139.241.167 | |
checkdata-1114476139.us-west-2.elb.amazonaws.com | 54.191.228.37 |
Name | Detection |
---|---|
http://nuget.org/NuGet.exe | |
http://pesterbdd.com/images/Pester.png | |
http://crl.micr | |
Click to see the 7 hidden entries | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
https://github.com/Pester/Pester | |
https://contoso.com/ | |
https://nuget.org/nuget.exe | |
https://contoso.com/License | |
https://contoso.com/Icon |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\7zSD636.tmp\Install.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zSE3E2.tmp\Install.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\wNHweptAdYeuLCNuf\uZOaPqpyItvbGVj\jKHLerL.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
Click to see the 12 hidden entries | |||
C:\Windows\System32\GroupPolicy\gpt.ini |
ASCII text | # | |
C:\Windows\Temp\HXDQertRGOTVyfYK\hElxpyKZHjbNPMc\rwZEaTv.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\7zSD636.tmp\__data__\config.txt |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_35yenhmn.spf.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ltx2gjbg.j3a.ps1 |
very short file (no magic) | # | |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Windows\System32\GroupPolicy\Machine\Registry.pol |
RAGE Package Format (RPF), | # | |
C:\Windows\Tasks\bltLOfaNnqcomuNOFZ.job |
data | # | |
C:\Windows\Temp\__PSScriptPolicyTest_m40klbcy.5ve.ps1 |
very short file (no magic) | # | |
C:\Windows\Temp\__PSScriptPolicyTest_t5ujbnql.ve0.psm1 |
very short file (no magic) | # | |
\Device\ConDrv |
ASCII text, with CRLF, CR line terminators | # |