Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious | |
| | | malicious, Score: 100 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |

Name | IP | Detection |
---|---|---|
28a89d66-6769-4b6d-ad7a-64ea56a01c93.uuid.mastiakele.xyz | 0.0.0.0 |

Name | Detection |
---|---|
http://un6fsy7wsdbqb54aridsmu5mtdcctatumigg37ip476tsdy2jf6ascqd.onionS-1-5-21-3853321935-2125563209- | |
https://mastiakele.xyz | |
http://localhost:3433/https://duniadekho.baridna: | |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Windows\rss\csrss.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\Temp\__PSScriptPolicyTest_alrlhr1g.v5f.ps1 | very short file (no magic) | # | |
\Device\Null | ASCII text, with CRLF, LF line terminators | # | |