Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious | |
| | | malicious, Score: 80 | System: unknown |
| | | malicious, Score: 80 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01; Run Condition: Potential for more IOCs and behavior |
| | | malicious, Score: 80 | System: unknown; Run Condition: Without Instrumentation |

IP | Country | Detection |
---|---|---|
37.230.114.73 | Russian Federation |

Name | IP | Detection |
---|---|---|
toortoctel.com | 37.230.114.73 |

Name | Detection |
---|---|
http://toortoctel.com/effinz/cyaess.php?l=satury11.cabquot;a | |
http://toortoctel.com/effinz/cyaess.php?l=satury11.cab | |
http://toortoctel.com/effinz/cyaess.php?l=satu | |
http://toortoctel.com/effinz/cyaess.php?l=satury11.cab; | |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\42ADB476.png | PNG image data, 1230 x 390, 8-bit/color RGB, non-interlaced | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{01CAAE30-D7A8-4D17-A4E2-5DEC5895E0DE}.tmp | data | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{1B122321-A94F-4C49-B392-832599B83BA6}.tmp | data | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{1E612B9F-EB45-4B49-9EC1-09605186F7D4}.tmp | data | | |
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd | data | | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Request_12_11.LNK | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Sep 24 13:01:37 2017, mtime=Sun Sep 24 13:01:37 2017, atime=Wed Dec 11 20:32:56 2019, length=61747, window=hide | | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat | ASCII text, with CRLF line terminators | | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm | data | | |
C:\Users\user\Desktop\~$quest_12_11.doc | data | | |
C:\Windows\Temp\aVAJ9Y.xsl | XML 1.0 document text (XSL stylesheet) | | |