Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
184.73.222.237 | United States | |
23.21.203.116 | United States | |
54.235.182.194 | United States | |
Click to see the 1 hidden entries | ||
198.54.122.60 | United States |
Name | IP | Detection |
---|---|---|
elb097307-934924932.us-east-1.elb.amazonaws.com | 23.21.203.116 | |
mail.privateemail.com | 198.54.122.60 | |
g.msn.com | 0.0.0.0 | |
Click to see the 1 hidden entries | ||
api.ipify.org | 0.0.0.0 |
Name | Detection |
---|---|
https://www.youtube.com/watch?v=Qxk6cu21JSg | |
http://api.ipify.org | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
Click to see the 14 hidden entries | |
http://mail.privateemail.com | |
http://crt.sectigo.com/Secti | |
http://api.ipify.orgH | |
http://api.ipify8 | |
http://elb097307-934924932.us-east-1.elb.amazonaws.com | |
http://api.ipify.org4 | |
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0# | |
http://api.ipify.org/p | |
http://api.ipify.org/ | |
http://ocsp.sectigo.com0 | |
https://sectigo.com/CPS0 | |
http://api.ipify.orgD | |
http://www.codeplex.com/DotNetZip. | |
http://api.ipify.org/P8 |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\EF6DEE558C\Log.txt |
ASCII text, with CRLF, LF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\web.vbs |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\appdata\hfsjrifske.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
Click to see the 11 hidden entries | |||
C:\Users\user\AppData\Roaming\appdata\hfsjrifske.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_hfsjrifske.exe_24fa8d93116921525e11f2eaeef683e94e880a9_90f4a7d5_0c52a857\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7021.tmp.dmp |
Mini DuMP crash report, 15 streams, Sat Aug 1 03:27:42 2020, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER888C.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8C36.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\hfsjrifske.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\EF6DEE558C\DotNetZip-3rvexftl.tmp |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\EF6DEE558C\DotNetZip-wxyhh00t.tmp |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\EF6DEE558C\DotNetZip-y3khqfwg.tmp |
Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Local\Temp\EF6DEE558C\Screenshot.jpeg |
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, frames 3 | # | |
C:\Users\user\AppData\Roaming\appdata\hfsjrifske.exe:ZoneIdentifier |
empty | # |