Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious, Score: 100 | System: unknown |

IP | Country | Detection |
---|---|---|
107.173.219.40 | United States |

Name | IP | Detection |
---|---|---|
systemsecureserverprotocolgooglegood.duckdns.org | 107.173.219.40 |

Name | Detection |
---|---|
http://systemsecureserverprotocolgooglegood.duckdns.org/bg/ | |
http://systemsecureserverprotocolgooglegood.duckdns.org/bg/invoice.doc | |
http://systemsecureserverprotocolgooglegood.duckdns.org/bg/vbc.exe |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\netsh\AcGenral.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\Desktop\~$Futuroso New Order.xlsx |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A5U8YKW2\vbc[1].exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\vbc.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\netsh.url |
MS Windows 95 Internet shortcut text (URL=<file:///C:/Users/user/netsh/netsh.vbs>), ASCII text, with CR line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\bg on systemsecureserverprotocolgooglegood.duckdns.org.url |
MS Windows 95 Internet shortcut text (URL=<http://systemsecureserverprotocolgooglegood.duckdns.org/bg/>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{219D7262-8DE4-4C1D-916B-0E23C41B1A4B}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DBA2E285-776E-4F15-9F39-4803B8D00ABE}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{FFB975B2-53BE-4685-A0BE-009036C1FF2C}.tmp |
data | # | |
C:\Users\user\AppData\Local\Temp\{6D8A0A5F-CEBD-4B95-A01F-EB82C01D458B} |
data | # | |
C:\Users\user\AppData\Local\Temp\{CD847F1E-3E15-4086-8D03-74B7ED7FCA1A} |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\invoice.doc.url |
MS Windows 95 Internet shortcut text (URL=<http://systemsecureserverprotocolgooglegood.duckdns.org/bg/invoice.doc>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRO0000.doc |
Microsoft Word 2007+ | # | |
C:\Users\user\Desktop\07630000 |
data | # | |
C:\Users\user\Desktop\07630000:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\netsh\netsh.vbs |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-CNRY.FSD |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD0004.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD0001.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~$RO0000.doc |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~$RD0003.docm |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\F9290395.doc |
Rich Text Format data, version 1, unknown character set | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D7BC10B3.emf |
Windows Enhanced Metafile (EMF) image data version 0x10000 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\BD68C039.jpeg |
gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 700x990, frames 3 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\84AF2B18.emf |
Windows Enhanced Metafile (EMF) image data version 0x10000 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\580F8C92.jpeg |
[TIFF image data, big-endian, direntries=1], baseline, precision 8, 965x543, frames 3 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X38UWNX5\invoice[1].doc |
Rich Text Format data, version 1, unknown character set | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{F2C3B083-12E4-47F3-952B-19F35D0C5D78}.FSD |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSF-CTBL.FSF |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-{159CDB2A-0609-4239-991A-0CD5DF851025}.FSD |
data | # |