Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious | |
| | malicious (Score: 100) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
IP | Country | Detection |
---|---|---|
194.109.206.212 | Netherlands | |
86.59.21.38 | Austria | |
148.251.11.21 | Germany | |
45.129.183.239 | Germany | |
212.32.240.165 | Netherlands | |
1.0.1.0 | China | |
2.17.179.193 | European Union | |
84.53.167.113 | European Union | |
Name | Detection |
---|---|
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Roaming\Yxvyca\dyho.exe | MS-DOS executable | | |
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_13_0.png | PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced | | |
C:\Users\user\AppData\Roaming\tor\cached-certs.tmp | ASCII text, with CRLF line terminators | | |
C:\Users\user\AppData\Roaming\tor\cached-microdesc-consensus.tmp | ASCII text, with very long lines, with CRLF line terminators | | |
C:\Users\user\AppData\Roaming\tor\cached-microdescs.new | ASCII text, with very long lines | | |
C:\Users\user\AppData\Roaming\tor\state.tmp | ASCII text, with CRLF line terminators | | |
C:\Users\user\AppData\Roaming\tor\unverified-microdesc-consensus.tmp | ASCII text, with very long lines, with CRLF line terminators | | |
\Device\ConDrv | ASCII text, with CRLF line terminators | | |