Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious | |
| | | malicious, Score: 100 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| | | malicious, Score: 100 | System: Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301 |

Name | Detection |
---|---|
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p030yzvi.tqg.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zon3rn2d.2u2.ps1 | very short file (no magic) | # | |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache | data | # | |
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | data | # | |
C:\Windows\Temp\__PSScriptPolicyTest_1depap5s.43l.psm1 | very short file (no magic) | # | |
C:\Windows\Temp\__PSScriptPolicyTest_fil3vomk.kwi.ps1 | very short file (no magic) | # | |
C:\Windows\Temp\__PSScriptPolicyTest_mfqj4tng.2eo.psm1 | very short file (no magic) | # | |
C:\Windows\Temp\__PSScriptPolicyTest_uyxuby1g.134.ps1 | very short file (no magic) | # | |