Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious, Score: 92 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| | | malicious, Score: 80 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01. Run Condition: Run with higher sleep bypass |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER91C0.tmp.WERInternalMetadata.xml | XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\Windows\appcompat\Programs\Amcache.hve.tmp.LOG1 | MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve.tmp | MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve.LOG1 | MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve | MS Windows registry file, NT/2000 or above | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\de-ch[1].htm | HTML document, Unicode text, UTF-8 text, with very long lines (3929), with CRLF, LF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA26A.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA1CD.tmp.WERInternalMetadata.xml | XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA19F.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA131.tmp.WERInternalMetadata.xml | XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9FD8.tmp.dmp | Mini DuMP crash report, 14 streams, Wed May 31 04:42:18 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9F3C.tmp.dmp | Mini DuMP crash report, 14 streams, Wed May 31 04:42:18 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER91EF.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_3b59b89922c4cddf77f72f6dd2d986ddcfc674cb_82810a17_13bb9ae6\Report.wer | Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9086.tmp.dmp | Mini DuMP crash report, 14 streams, Wed May 31 04:42:14 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7D8D.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7D6D.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7D2E.tmp.WERInternalMetadata.xml | XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7D0F.tmp.WERInternalMetadata.xml | XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7BA6.tmp.dmp | Mini DuMP crash report, 14 streams, Wed May 31 04:42:08 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7A9D.tmp.dmp | Mini DuMP crash report, 14 streams, Wed May 31 04:42:08 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_8fe1ff6253b685daeb750e0d8c1ede8ec9d8783_82810a17_1cb3a815\Report.wer | Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_8fe1ff6253b685daeb750e0d8c1ede8ec9d8783_82810a17_1bab9b83\Report.wer | Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_3b59b89922c4cddf77f72f6dd2d986ddcfc674cb_82810a17_1cc7a70c\Report.wer | Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_3b59b89922c4cddf77f72f6dd2d986ddcfc674cb_82810a17_14339b25\Report.wer | Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |