Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious | |
| | malicious, Score: 100 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |

IP | Country | Detection |
---|---|---|
47.75.136.12 | United States | |
75.114.235.105 | United States | |
103.28.36.229 | Viet Nam | |

Name | IP | Detection |
---|---|---|
vietnamgolfholiday.net | 103.28.36.229 | |
oksuc.com | 47.75.136.12 | |

Name | Detection |
---|---|
http://75.114.235.105/XSMjOzNcfoWo | |
http://inscricao.jethrointernational.org/wp-admin/0um0/ | |
https://oksuc.com/wp-admin/ncexnq/ | |
https://vietnamgolfholiday.net/Database/DOC/m2ode5h/ | |
https://vietnamgolfholiday.net/Database/DOC/m2ode5h/Ho | |
https://socialmentors.net/cmsc_db/vGQuZXOoi/ | |
https://sectigo.com/CPS0 | |
http://feichters.net/tmp/tHyg6o/ | |
https://pdtech2.com/components/Wu4bvUf9KY/ | |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\Desktop\download\INV_61226693.doc | Microsoft Word 2007+ | # | |
C:\Users\user\597.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_54qpdxig.ilw.psm1 | ASCII text, with no line terminators | # | |
C:\Users\user\Documents\20200122\PowerShell_transcript.468325.vISkuNy1.20200122232851.txt | UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Desktop\download\~$V_61226693.doc.docm | data | # | |
C:\Users\user\Desktop\cmdline.out | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm | data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\INV_61226693.doc.LNK | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Jan 23 06:28:42 2020, mtime=Thu Jan 23 06:28:46 2020, atime=Thu Jan 23 06:28:41 2020, length=137484, window=hide | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_docrlbi0.jyc.ps1 | ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{FBFD9A29-7BCD-495E-976F-79F7CACED2A8}.tmp | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{62E1B232-C32B-4F22-819A-987B514C7755}.tmp | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\winword.exe.db.session-journal | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\winword.exe.db.session | SQLite 3.x database, last written using SQLite version 3019003 | # | |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\winword.exe.db-wal | SQLite Write-Ahead Log, version 3007000 | # | |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.CampaignStates.json | ASCII text, with no line terminators | # | |