ScanIMG0001-PDF.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 79.134.225.12 | Switzerland |  |
| 162.159.129.233 | United States | |
| 162.159.133.233 | United States | |
| Name | IP | Detection |
|---|---|---|
| cdn.discordapp.com | 162.159.133.233 | |
| g.msn.com | 0.0.0.0 | |
| Name | Detection |
|---|---|
| https://cdn.discorda | |
| https://cdn.discordapp.com/attachments/737403946351460456/738608660070268948/Alllbwl | |
| https://cdn.discordapp.com/a | |
| Click to see the 2 hidden entries | |
| https://cdn.discordapp.cD | |
| https://cdn.discx | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\Public\Natso.bat |
ASCII text, with CRLF line terminators | # |  |
C:\Users\user\AppData\Local\Abwlsec.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\Public\cde.bat |
ASCII text, with CRLF line terminators | # | |
| Click to see the 6 hidden entries | |||
C:\Users\Public\x.bat |
ASCII text, with CRLF line terminators | # | |
C:\Users\Public\x.vbs |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Abwl.url |
MS Windows 95 Internet shortcut text (URL=<file:\\\C:\\Users\\user\\AppData\\Local\\Abwlsec.exe>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\Alllbwl[1] |
ASCII text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\Alllbwl[1] |
ASCII text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Roaming\gate\logs.dat |
data | # | |
