KDd1WiIcm0vG.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 73.116.193.136 | United States |  |
| 185.94.252.13 | Germany | |
| 88.217.172.65 | Germany |  |
| Name | IP | Detection |
|---|---|---|
| asf-ris-prod-neurope.northeurope.cloudapp.azure.com | 168.63.67.155 | |
| g.msn.com | 0.0.0.0 | |
| Name | Detection |
|---|---|
| https://185.94.252.13:443/XTzK/rsO2FRKvm/9aLrIeBnV7Chm1dq/ | |
| https://185.94.252.13:443/hrujLPNz6/kUoQuG2xJ/XDSOTW9LmbLJG5FQv1/uJnvPxZa2ibOpCU/m11GLs/nuaxLfLf8rqjKs/ | |
| https://185.94.252.13:443/3VVHlIIbWoldvTl/vVGD7yJ4/ | |
| Click to see the 61 hidden entries | |
| https://185.94.252.13:443/Ycf2JT88NvQdYbk/ny1qw/CA8hFv/8eO6dVRd5Yem/Nsb1aVAonHDXefb/6w51z9CdBc4i/ | |
| https://185.94.252.13:443/Ykty2Lhcx10/Nsv4IVrD/ | |
| https://185.94.252.13:443/Y4MPkhZh6a0q2ODj/ | |
| https://185.94.252.13:443/yS4s1iVaEVbn/hHdLRxA8/bTCeCtLsDp/ | |
| https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v= | |
| http://185.94.252.13:443/yS4s1iVaEVbn/hHdLRxA8/bTCeCtLsDp/g | |
| http://www.laplink.com/llgold/ | |
| http://185.94.252.13:443/Ycf2JT88NvQdYbk/ny1qw/CA8hFv/8eO6dVRd5Yem/Nsb1aVAonHDXefb/6w51z9CdBc4i/q | |
| http://ctldl.windowsup43/0N1giJrtZ4/hKsaZ61rlevHQKv/C3yvi4EP/Zu6a/GWsg8LcEOaW0SP/ | |
| https://dev.virtualearth.net/mapcontrol/logging.ashx | |
| http://185.94.252.13:443/Ycf2JT88NvQ | |
| https://dev.virtualearth.net/REST/v1/Locations | |
| https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v= | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r= | |
| https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log? | |
| https://dev.virtualearth.net/REST/v1/Routes/ | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r= | |
| http://185.94.252.13:443/Ycf2JT88NvQdYbk/ny1qw/CA8hFv/8eO6dV- | |
| https://dynamic.t | |
| http://73.116.193.136/X9BAhrvuFRFyF/gSfcje0hNOhwF/b | |
| http://88.217.172.65:443/0N1giJrtZ4/hKsaZ61rlevHQKv/C3yvi4EP | |
| http://73.116.193.136/X9BAhrvuFRFyF/gSfcje0hNOhwF/ | |
| https://dev.virtualearth.net/REST/v1/Routes/Transit | |
| https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen | |
| http://185.94.252.13:443/Ycf2JT88NvQdYbk/ny1qw/CA8hFv/8eO6dVRd5Yem/Nsb1aVAonHDXefb/6w51z9CdBc4i/ | |
| http://185.94.252.13:443/yS4s1iVaEVbn/hHdLRxA8/bTCeCtLsDp/ndows | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r= | |
| https://88.217.172.65:443/0N1giJrtZ4/hKsaZ61rlevHQKv/C3yvi4EP/Zu6a/GWsg8LcEOaW0SP/ | |
| https://dev.ditu.live.com/REST/v1/Locations | |
| http://www.laplink.com/products/filemover/ | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r= | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r= | |
| http://185.94.252.13:443/yS4s1iVaEVbn/hHdLRxA8/bTCeCtLsDp/ | |
| http://88.217.172.65:443/0N1giJrtZ4/hKsaZ61rlevHQKv/C3yvi4EP/Zu6a/GWsg8LcEOaW0SP/ | |
| https://dev.ditu.live.com/REST/v1/Routes/ | |
| http://88.217.172.65:443/0N1giJrtZ4/hKsaZ61rlevHQKv/C3yvi4EP/Zu6a/GWsg8LcEOaW0SP/plication/octet-str | |
| https://dev.virtualearth.net/REST/v1/Routes/Driving | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx | |
| https://t0.tiles.ditu.live.com/tiles/gen | |
| https://dev.virtualearth.net/REST/v1/Routes/Walking | |
| http://www.laplink.com/pcmover/ | |
| http://www.nirsoft.net | |
| http://185.94.252.13:443/Ycf2JT88NvQdYbk/ny1qw/CA8hFv/8eO6dVRd5Yem/Nsb1aVAonHDXefb/6 | |
| https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n= | |
| https://dev.ditu.live.com/mapcontrol/logging.ashx | |
| https://dev.ditu.live.com/REST/v1/Imagery/Copyright/ | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r= | |
| https://dev.virtualearth.net/REST/v1/Transit/Schedules/ | |
| http://185.94.252.13:443/3VVHlIIbWoldvTl/vVGD7yJ4/ | |
| http://www.laplink.com | |
| https://login.yahoo.com/config/login | |
| https://appexmapsappupdate.blob.core.windows.net | |
| http://www.bingmapsportal.comsv | |
| http://www.nirsoft.net/ | |
| http://88.217.172.65:443/0N1giJrtZ4/hKsaZ61rlevHQKv/C3yvi4EP/Zu6a/GWsg8LcEOaW0SP/13 | |
| https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/ | |
| https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx | |
| http://185.94.252.13/yS4s1iVaEVbn/hHdLRxA8/bTCeCtLsDp/ | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r= | |
| http://www.laplink.com/pcsync | |
| http://185.94.252.13/Ykty2Lhcx10/Nsv4IVrD/ | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Temp\BB79.tmp |
ASCII text, with CRLF line terminators | # | |
C:\Windows\SysWOW64\dsauth\ErrorDetailsa75.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\SysWOW64\dsauth\winskuoe.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
| Click to see the 8 hidden entries | |||
C:\Windows\SysWOW64\dsauth\winskuom.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_winsku.exe_b6db92a869c0a311a2ae3979f928e24a311ee0e0_b4db5e45_019feebc\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCCFC.tmp.dmp |
Mini DuMP crash report, 14 streams, Sat Aug 1 07:08:20 2020, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD624.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD8E5.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD8F2.tmp.csv |
data | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDC10.tmp.txt |
data | # | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log |
data | # | |
