Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
44.233.140.104 | United States |
Name | IP | Detection |
---|---|---|
fbs.prod.spn.a1q7.net | 44.233.140.104 | |
housecall8.icrc.trendmicro.com | 0.0.0.0 | |
housecall800-en.fbs20.trendmicro.com | 0.0.0.0 | |
housecall-ctp-p.activeupdate.trendmicro.com | 0.0.0.0 | |
go.trendmicro.com | 0.0.0.0 |
Name | Detection |
---|---|
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AU_Down\engine\engv_x64dll_v12000-1008.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\engv_x64dll_v12000-1008.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1611900.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\dce-dll-mssign-x64-v75-1035.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\README.txt |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tscptn.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AU_Down\pattern\tscptn.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\HCClean_113701.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AU_Down\pattern\icrc\ioth1611900.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AU_Down\pattern\HCClean_113701.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AU_Down\engine\dce-dll-mssign-x64-v75-1035.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\3\2048\tsc.ptn |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\3\1208221744\HCClean.ptn |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\3\1082130432\tmwlchk.ptn |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\Setup.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\temp_bf_1100000000_2041001900_1595565301 |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\MustFBExts.conf |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\tmblack.233 |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\tmfbeng.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\patterns\tmwlchk.ptn |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\tmwlutil.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\patterns\tml00001.ptn |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\trendx.112 |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\housecall810_SHA2.cert |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\curl-ca-bundle.crt |
UTF-8 Unicode text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\atse64.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\ScanPaths.conf |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\trxhandler_log.ini |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\HouseCallX.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HomeDeviceGuard_Downloader.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\Config.xml |
Non-ISO extended-ASCII text, with very long lines, with NEL line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\BPMNT.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\AU_Backup\AuBackup.ini |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HCLauncher.log |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\Tmcomm.inf |
Windows setup INFormation, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Log\TmuDump.txt |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\interface\css\container.css |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\interface\css\buttons.css |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\housecall800.cert |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\housecall.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\housecall.bin |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\hcversion64.xml |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\hc_core.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\dbghelp.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\curl-ca-bundle.crt |
UTF-8 Unicode text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\Tmcomm.sys |
PE32+ executable (native) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\trendxl.102 |
data | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\TmEngDrv.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\TSC.INI |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\TMEBC64.sys |
PE32+ executable (native) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\TMEBC.inf |
Windows setup INFormation, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\LinkRule.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\License.txt |
ISO-8859 text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\LanguageMap.xml |
exported SGML document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\ICRCHdler.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\interface\css\datatable.css |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\trxhandler.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HouseCall\HouseCallX_x64\trendxv.103 |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\ini_xml.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\x500.db |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\patchw64.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\patch64.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\ciussi64.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\ciuas64.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\cert5.db |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\aucfg.ini |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\TmUpdate64.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\GetServer.ini |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\server.ini |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\DLConfig.xml |
Non-ISO extended-ASCII text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AuResult.ini |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AuPatch.ini |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\AU_Down\pattern\tmwlchk_177300.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\3\1208221744\ptn$agg.999 |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\3\1208090624\icrc$oth.119 |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\3\1082130432\tmwlchk.cat |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\2\536871168\vsapi64.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\2\536871168\BPMNT.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\AU\AU_Data\AU_Temp\5504_5628\2\1073872896\tscdll64.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\engv_x64dll_v12000-1008.zip.etag |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\temp_bf_1100000000_2041001900_1595565301.len |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\patchretry.dat |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\hcversion64.xml.tmp |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\hcpackage64.exe.tmp |
PE32 executable (console) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tscptn.zip.etag |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tmwlchk_177300.zip.etag |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\tmwlchk_177300.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ioth1611900.zip.etag |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip.etag |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\temp_bf_1100000000_2041001900_1595565301.retry |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\dce-dll-mssign-x64-v75-1035.zip.etag |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\HCClean_113701.zip.etag |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\ssleay32.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\libeay32.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\libcurl.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\icrc_fulldwn.dat |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\icrc.dat |
data | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\dlstr.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\7zS035D8221\HouseCall_downloader.bmp |
PC bitmap, Windows 3.x format, 500 x 171 x 24 | # |