qbot1.dll
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 27.0.48.233 | India |  |
| 122.184.143.86 | India | |
| 79.77.142.22 | United Kingdom | |
| Click to see the 96 hidden entries | ||
| 89.129.109.27 | Spain | |
| 70.64.77.115 | Canada | |
| 45.243.142.31 | Egypt | |
| 46.246.254.242 | Greece | |
| 81.229.117.95 | Sweden | |
| 90.7.72.46 | France | |
| 82.125.44.236 | France | |
| 47.149.134.231 | United States | |
| 98.145.23.67 | United States | |
| 70.28.50.223 | Canada | |
| 50.68.186.195 | Canada | |
| 116.120.145.170 | Korea Republic of | |
| 116.74.163.130 | India | |
| 80.6.50.34 | United Kingdom | |
| 2.49.63.160 | United Arab Emirates | |
| 201.244.108.183 | Colombia | |
| 85.104.105.67 | Turkey | |
| 69.242.31.249 | United States | |
| 76.178.148.107 | United States | |
| 201.143.215.69 | Mexico | |
| 205.237.67.69 | Canada | |
| 2.82.8.80 | Portugal | |
| 223.166.13.95 | China | |
| 92.9.45.20 | United Kingdom | |
| 93.147.235.8 | Italy | |
| 198.2.51.242 | United States | |
| 2.36.64.159 | Italy | |
| 103.123.223.133 | India | |
| 220.240.164.182 | Australia | |
| 77.126.99.230 | Israel | |
| 71.38.155.217 | United States | |
| 50.68.204.71 | Canada | |
| 65.95.141.84 | Canada | |
| 58.186.75.42 | Viet Nam | |
| 69.133.162.35 | United States | |
| 90.29.86.138 | France | |
| 92.154.17.149 | France | |
| 86.176.83.44 | United Kingdom | |
| 176.142.207.63 | France | |
| 199.27.66.213 | United States | |
| 79.168.224.165 | Portugal | |
| 47.199.241.39 | United States | |
| 12.172.173.82 | United States | |
| 83.249.198.100 | Sweden | |
| 45.62.70.33 | Canada | |
| 213.55.33.103 | France | |
| 213.64.33.92 | Sweden | |
| 100.4.163.158 | United States | |
| 84.35.26.14 | Netherlands | |
| 184.181.75.148 | United States | |
| 70.49.205.198 | Canada | |
| 183.87.163.165 | India | |
| 47.34.30.133 | United States | |
| 69.160.121.6 | Jamaica | |
| 72.205.104.134 | United States | |
| 173.88.135.179 | United States | |
| 125.63.125.205 | India | |
| 14.192.241.76 | Malaysia | |
| 24.234.220.88 | United States | |
| 103.141.50.43 | India | |
| 161.142.103.187 | Malaysia | |
| 174.4.89.3 | Canada | |
| 89.32.156.5 | Italy | |
| 92.186.69.229 | France | |
| 80.167.196.79 | Denmark | |
| 184.182.66.109 | United States | |
| 27.253.11.10 | Australia | |
| 86.195.14.72 | France | |
| 83.110.223.61 | United Arab Emirates | |
| 75.143.236.149 | United States | |
| 70.160.67.203 | United States | |
| 96.87.28.170 | United States | |
| 5.107.153.132 | United Arab Emirates | |
| 98.37.25.99 | United States | |
| 80.12.88.148 | France | |
| 95.45.50.93 | Ireland | |
| 47.205.25.170 | United States | |
| 94.204.202.106 | United Arab Emirates | |
| 117.195.16.105 | India | |
| 103.101.203.177 | Singapore | |
| 88.126.94.4 | France | |
| 75.109.111.89 | United States | |
| 81.111.108.123 | United Kingdom | |
| 76.86.31.59 | United States | |
| 98.187.21.2 | United States | |
| 186.64.67.30 | Argentina | |
| 188.28.19.84 | United Kingdom | |
| 178.175.187.254 | Moldova Republic of | |
| 96.56.197.26 | United States | |
| 64.121.161.102 | United States | |
| 68.203.69.96 | United States | |
| 79.92.15.6 | France | |
| 165.120.169.171 | United States | |
| 70.50.83.216 | Canada | |
| 87.248.100.215 | United Kingdom |  |
| 54.161.105.65 | United States | |
| Name | IP | Detection |
|---|---|---|
| new-fp-shed.wg1.b.yahoo.com | 87.248.100.215 | |
| yahoo.com | 54.161.105.65 | |
| windowsupdatebg.s.llnwi.net | 178.79.225.128 | |
| Click to see the 1 hidden entries | ||
| www.yahoo.com | 0.0.0.0 | |
| Name | Detection |
|---|---|
| https://www.yahoo.com/ | |
| https://s.yimg.com/aaq/nel/js/spotIm.custom.SpotIMJAC.modal.9d3270fa67932556c75baaed2c09c955.js | |
| https://d.impactradius-event.com | |
| Click to see the 61 hidden entries | |
| https://s.yimg.com/aaq/hc/homepage-pwa-defer-1.1.6.js | |
| https://start.microsoftapp.net/start?pc_campaign=UHF_Banner_15mkts&adjust=y9xgnyl_5sblqid" | |
| https://s.yimg.com/uu/api/res/1.2/2kRwuXH6fvmgKfpoQCf56g--~B/Zmk9c3RyaW07aD0xNDA7cT05MDt3PTE0MDthcHB | |
| https://onedrive.live.com/about/de-ch/ | |
| https://s.yimg.com/aaq/vzm/cs_1.4.0.js | |
| https://s.yimg.com/uu/api/res/1.2/c3dObtZQiIqjZKMWzeYQcw--~B/Zmk9c3RyaW07aD0yNDY7cT04MDt3PTQ0MDthcHB | |
| https://lpcdn.lpsnmedia.net | |
| http://www.yahoo.com/ | |
| https://www.youtube.com/user/MicrosoftCH | |
| http://upx.sf.net | |
| https://schema.org | |
| https://s.yimg.com/uc/sf/0.1.322/js/safe.min.js | |
| https://mem.gfx.ms | |
| https://s.yimg.com/uu/api/res/1.2/mzPB3eeJrxJuAn9uOhK0cA--~B/Zmk9c3RyaW07aD0xNDA7cT05MDt3PTE0MDthcHB | |
| https://s.yimg.com/uu/api/res/1.2/5BZN9wyvjM8FfgniQrH0uw--~B/Zmk9c3RyaW07aD0yNDY7cT04MDt3PTQ0MDthcHB | |
| https://aka.ms/yourcaliforniaprivacychoices | |
| https://www.yahoo.com/px.gif | |
| https://s.yimg.com/uu/api/res/1.2/6DI2hkBaEy3aroPxqBStjQ--~B/Zmk9c3RyaW07aD0yNDY7cT04MDt3PTQ0MDthcHB | |
| https://twitter.com/microsoft_ch | |
| https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830441%7C0%7C225%7CAdId=11101911;BnId=2;ct=1864049 | |
| https://s.yimg.com/aaq/wf/wf-core-1.63.0.js | |
| https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=2023538075&c7=https%3A%2F%2Fwww.yahoo.com%2F&c | |
| https://accdn.lpsnmedia.net | |
| https://www.linkedin.com/company/1035 | |
| https://www.xbox.com/ | |
| http://schema.org/Organization | |
| https://s.yimg.com/nn/lib/metro/g/myy/advertisement_0.0.19.js | |
| https://yep.video.yahoo.com/oath/js/1/oath-player.js?ypv=8.5.43&lang=en-US | |
| https://openweb.jac.yahoosandbox.com/1.5.0/jac.js | |
| https://www.ad.com/?utm_source=yahoo-home&utm_medium=referral&utm_campaign=ad-feedback" | |
| https://outlook.live.com/owa/ | |
| https://s.yimg.com/uu/api/res/1.2/6lV3qkp5vhD2J.O5ha31Nw--~B/Zmk9c3RyaW07aD0zODY7cT04MDt3PTQ0MDthcHB | |
| https://www.onenote.com/?omkt=de-CH | |
| https://js.monitor.azure.com | |
| https://s.yimg.com/uu/api/res/1.2/fiFKhsorJ_.XzJNVa7HgsQ--~B/Zmk9c3RyaW07aD0yNDY7cT04MDt3PTQ0MDthcHB | |
| https://s.yimg.com/uu/api/res/1.2/h64YbbKcO2GsKYAy1QMRMw--~B/Zmk9c3RyaW07aD0zODY7cT04MDt3PTQ0MDthcHB | |
| https://s.yimg.com/cx/pv/perf-vitals_3.1.0.js | |
| https://s.yimg.com/aaq/spotim/ | |
| https://s.yimg.com/uu/api/res/1.2/p68hnTLk2asTrmg6nFL37A--~B/Zmk9c3RyaW07aD0zODY7cT04MDt3PTQ0MDthcHB | |
| https://www.skype.com/de/ | |
| https://fp-graviton-home-gateway.media.yahoo.com/ | |
| https://s.yimg.com/uu/api/res/1.2/7mz1gUykvPcUcalzuGE1WQ--~B/Zmk9c3RyaW07aD0yNDY7cT04MDt3PTQ0MDthcHB | |
| https://openweb.jac.yahoosandbox.com | |
| https://s.yimg.com/uu/api/res/1.2/k8SbH9Gqa6W8a7JKyncC.A--~B/Zmk9c3RyaW07aD0xNDA7cT05MDt3PTE0MDthcHB | |
| https://yahoo.com/ | |
| https://s.yimg.com/ss/rapid-3.53.38.js | |
| https://lptag.liveperson.net | |
| https://search.yahoo.com/search?p= | |
| https://xboxdesignlab.xbox.com/xbox-design-lab?recipeId=G4E9FNSC&icid=mscom_marcom_CPH4a_PrideXDLcon | |
| http://schema.org | |
| http://www.opensource.org/licenses/mit-license.php | |
| https://analytics.tiktok.com | |
| https://legal.yahoo.com/us/en/yahoo/privacy/adinfo/index.html" | |
| https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830424%7C0%7C0%7CAdId=-41;BnId=0;ct=1864049394;st= | |
| https://s.yimg.com/uu/api/res/1.2/H3vVA32ymLk3HFF8J_ZI5w--~B/Zmk9c3RyaW07aD0xNDA7cT05MDt3PTE0MDthcHB | |
| https://www.instagram.com/microsoftch/ | |
| https://www.clarity.ms | |
| https://cdnssl.clicktale.net/www32/ptc/05d32363-d534-4d93-9b65-cde674775e71.js | |
| https://cdnssl.clicktale.net | |
| https://publisher.liveperson.net | |
| https://s.yimg.com/uu/api/res/1.2/4cg6h0vinH_o7ba.oxXthQ--~B/Zmk9c3RyaW07aD0zODg7cT05NTt3PTcyMDthcHB | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 |
Microsoft Cabinet archive data, Windows 2000/XP setup, 63843 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7F07.tmp.dmp |
Mini DuMP crash report, 14 streams, Fri Jun 2 04:24:07 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7F45.tmp.dmp |
Mini DuMP crash report, 14 streams, Fri Jun 2 04:24:07 2023, 0x1205a4 type | # | |
| Click to see the 34 hidden entries | |||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8011.tmp.dmp |
Mini DuMP crash report, 14 streams, Fri Jun 2 04:24:07 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER813A.tmp.WERInternalMetadata.xml |
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8199.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER832E.tmp.WERInternalMetadata.xml |
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER838C.tmp.WERInternalMetadata.xml |
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER838D.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8449.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER745B.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\J7NKSXWB.htm |
HTML document, ASCII text, with very long lines (64945) | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\de-ch[1].htm |
HTML document, Unicode text, UTF-8 text, with very long lines (3929), with CRLF, LF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\t5[1] |
ASCII text, with very long lines (784), with no line terminators | # | |
C:\Windows\appcompat\Programs\Amcache.hve |
MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve.LOG1 |
MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve.tmp |
MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve.tmp.LOG1 |
MS Windows registry file, NT/2000 or above | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E22.tmp.WERInternalMetadata.xml |
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_9fb6f77b13131586566dd65310d5dce5865fec4f_82810a17_19b56739\Report.wer |
Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_9fb6f77b13131586566dd65310d5dce5865fec4f_82810a17_19b96630\Report.wer |
Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c6a0b02083f29b4f045509d58da68ab1c531655_82810a17_192989f4\Report.wer |
Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c6a0b02083f29b4f045509d58da68ab1c531655_82810a17_1a9588cb\Report.wer |
Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c6a0b02083f29b4f045509d58da68ab1c531655_82810a17_1bc56fb5\Report.wer |
Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c6a0b02083f29b4f045509d58da68ab1c531655_82810a17_1be17998\Report.wer |
Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5B33.tmp.dmp |
Mini DuMP crash report, 14 streams, Fri Jun 2 04:23:58 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5C4C.tmp.dmp |
Mini DuMP crash report, 14 streams, Fri Jun 2 04:23:58 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_9fb6f77b13131586566dd65310d5dce5865fec4f_82810a17_1995889c\Report.wer |
Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E90.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5F0C.tmp.WERInternalMetadata.xml |
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5F6B.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER66BC.tmp.dmp |
Mini DuMP crash report, 14 streams, Fri Jun 2 04:24:01 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER69DA.tmp.WERInternalMetadata.xml |
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6A1A.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER716B.tmp.dmp |
Mini DuMP crash report, 14 streams, Fri Jun 2 04:24:03 2023, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER741B.tmp.WERInternalMetadata.xml |
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | # | |
