Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: unknown
|
IP | Country | Detection |
---|---|---|
198.12.66.107 | United States |
Name | Detection |
---|---|
http://198.12.66.107/garang.exe | |
http://198.12.66.107/garang.exe) | |
http://198.12.66.107/garang.exeYW5nLmV4ZQ==).CreateElement( | |
Click to see the 2 hidden entries | |
http://mail.platinships.net | |
http://198.12.66.107/garang.exeDOMDocument |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\uaccc.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nichebaba.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\Desktop\~$Vessel Details.xlsm |
data | # | |
Click to see the 4 hidden entries | |||
C:\ProgramData\asc.txt:script1.vbs |
UTF-8 Unicode text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\7DBDEA7C.emf |
Windows Enhanced Metafile (EMF) image data version 0x10000 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\B1DDC1EA.png |
GIF image data, version 89a, 1374 x 584 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\F42E504D.emf |
Windows Enhanced Metafile (EMF) image data version 0x10000 | # |