utente_2276.xls
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 72
|
System: unknown
|
|
|
|
malicious
Score: 68
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Potential for more IOCs and behavior
|
| IP | Country | Detection |
|---|---|---|
| 62.173.145.113 | Russian Federation |  |
| Name | IP | Detection |
|---|---|---|
| gstat.securityguardlisting.com | 62.173.145.113 | |
| Name | Detection |
|---|---|
| http://gstat.securityguardlisting.com/setup.exe |  |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Temp\ACF20000 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Read-Only, Directory, ctime=Tue Jan 28 13:33:37 2020, mtime=Mon Jun 29 10:54:22 2020, atime=Mon Jun 29 10:54:22 2020, length=8192, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
| Click to see the 2 hidden entries | |||
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\utente_2276.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Jan 28 13:45:43 2020, mtime=Mon Jun 29 10:54:22 2020, atime=Mon Jun 29 10:54:22 2020, length=215040, window=hide | # | |
C:\Users\user\Desktop\0EF20000 |
Applesoft BASIC program data, first line number 16 | # | |
