Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
151.80.8.11 | Italy | |
104.18.49.20 | United States | |
104.18.48.20 | United States |
Name | IP | Detection |
---|---|---|
alice2019.myftp.biz | 151.80.8.11 | |
paste.ee | 104.18.48.20 |
Name | Detection |
---|---|
http://www.fonts.com | |
http://www.sajatypeworks.com | |
http://secureteam.net/webservices/TU | |
Click to see the 21 hidden entries | |
http://secureteam.net/ErrorReporting.asmxY | |
http://www.carterandcone.coml | |
http://secureteam.net/webservices/T | |
http://www.sakkal.com | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://paste.ee/r/yaEzF | |
http://www.zhongyicts.com.cn | |
http://www.goodfont.co.kr | |
http://www.sandoll.co.kr | |
http://www.typography.netD | |
http://www.tiro.com | |
http://www.sajatypeworks.comhr | |
http://www.jiyu-kobo.co.jp/ | |
http://secureteam.net/webservices/$ | |
http://secureteam.net/webservices/CreateErrorReport | |
http://www.founder.com.cn/cn/bThe | |
http://www.founder.com.cn/cn | |
http://fontfabrik.com | |
http://www.apache.org/licenses/LICENSE-2.0 | |
http://www.founder.com.cn/cn/cThe | |
http://secureteam.net/ErrorReporting.asmx |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\GgNhpv.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\59407D34-C8C5-44DF-A766-BA8A11CB1CB0\run.dat |
data | # | |
Click to see the 32 hidden entries | |||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yy2dm54c.txy.ps1 |
ASCII text, with no line terminators | # | |
\Device\ConDrv |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zznvryas.0wh.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Roaming\59407D34-C8C5-44DF-A766-BA8A11CB1CB0\WPA Service\wpasv.exe |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\59407D34-C8C5-44DF-A766-BA8A11CB1CB0\catalog.dat |
data | # | |
C:\Users\user\AppData\Roaming\59407D34-C8C5-44DF-A766-BA8A11CB1CB0\settings.bin |
data | # | |
C:\Users\user\AppData\Roaming\59407D34-C8C5-44DF-A766-BA8A11CB1CB0\storage.dat |
data | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.8e5DVsxy.20200421005130.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.ACpugxHH.20200421005032.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.AcYzDbUR.20200421005018.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.JsCpoOAZ.20200421005131.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.MyWoFULh.20200421005030.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.YHQfqqxA.20200421005112.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.pQoJ9U0B.20200421005016.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\Documents\20200421\PowerShell_transcript.818225.xgwDSDKc.20200421005111.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_drs5twxd.myu.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\wpasv.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1djyoqla.cgt.ps1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1lhymjxj.kfz.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1u3t34eh.as0.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4gxgbq4p.tot.ps1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5ircppmr.cnw.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yl2tt2od.syr.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fiieimg5.41q.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ikzuz3ku.qxx.ps1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lhc4fd1p.xbi.ps1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_od4nbngh.yez.ps1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_osulfv0a.f21.psm1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_prtsbvfc.nov.ps1 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_szytjllq.c4w.ps1 |
ASCII text, with no line terminators | # |