Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious | |
| | | malicious, Score: 92 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
IP | Country | Detection |
---|---|---|
5.61.27.159 | Iran (ISLAMIC Republic Of) | |
103.28.39.29 | Viet Nam |
Name | IP | Detection |
---|---|---|
alphaenergyeng.com | 5.61.27.159 | |
otochothue.com | 103.28.39.29 |
Name | Detection |
---|---|
http://alphaenergyeng.com/wp-content/uploads/2020/01/ahead/444444.png | |
http://www.ip-adress.com | |
http://www.hdtune.com | |
http://schemas.xmlsoap.org/soap/encoding/ | |
http://alphaenergyeng.com/ | |
http://alphaenergyeng.com/wp-content/uploads/2020/01/ahead/444444.png___User-Agent___Haskel | |
http://schemas.xmlsoap.org/soap/envelope/ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\ColorPick.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Microsoft\Uuwxyyczoguc\jicrly.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\unarchiver.exe.log | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{804C10F8-3E32-11EA-AADB-C25F135D3C65}.dat | Microsoft Word Document | # | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{804C10FA-3E32-11EA-AADB-C25F135D3C65}.dat | Microsoft Word Document | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\20376640.zip.yhy7usp.partial | Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\20376640.zip.yhy7usp.partial:Zone.Identifier | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\20376640.zip:Zone.Identifier | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\20376640[1].zip | Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\45c1t0uy.5xe\JVC_49457.vbs | ASCII text, with very long lines | # | |
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\qy1i3bpk.zjn\unarchiver.log | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\~DF044399C1DC6E6B4E.TMP | data | # | |
C:\Users\user\AppData\Local\Temp\~DF5E13C7E16B921547.TMP | data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Uuwxyyczoguc\jicrly.dat | data | # | |