utente_2263.xls
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 80
|
System: unknown
|
|
|
|
malicious
Score: 76
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Potential for more IOCs and behavior
|
| IP | Country | Detection |
|---|---|---|
| 95.181.178.221 | Russian Federation |  |
| Name | IP | Detection |
|---|---|---|
| gstat.securityguardlisting.com | 95.181.178.221 | |
| Name | Detection |
|---|---|
| http://gstat.securityguardlisting.com/setup.exe |  |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Temp\6CF20000 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Read-Only, Directory, ctime=Tue Jan 28 13:33:37 2020, mtime=Mon Jun 29 09:54:22 2020, atime=Mon Jun 29 09:54:22 2020, length=16384, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
| Click to see the 2 hidden entries | |||
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\utente_2263.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Jan 28 13:45:41 2020, mtime=Mon Jun 29 09:54:22 2020, atime=Mon Jun 29 09:54:22 2020, length=202240, window=hide | # | |
C:\Users\user\Desktop\CDF20000 |
Applesoft BASIC program data, first line number 16 | # | |
