wsv.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 185.94.252.13 | Germany |  |
| 73.116.193.136 | United States |  |
| 88.217.172.65 | Germany | |
| Name | IP | Detection |
|---|---|---|
| asf-ris-prod-neurope.northeurope.cloudapp.azure.com | 168.63.67.155 | |
| g.msn.com | 0.0.0.0 | |
| Name | Detection |
|---|---|
| https://185.94.252.13:443/cbFAILj1fel9qD/GaWj/ZtIO7gdFlsEu/ | |
| https://185.94.252.13:443/dUd9VoE/KXCz/inSOG7lfzP/0YA1V3MRD2uRG/ | |
| https://185.94.252.13:443/HLeSUGHcob/ | |
| Click to see the 55 hidden entries | |
| https://185.94.252.13:443/6Sgqs/QyjA6nJJgROss9B/KRMsTzVFsGvSOg8E3fH/vsamtZPnrf15O/RNYwxDtl6nK/tsKZhfw48gQ06utQE4/ | |
| https://185.94.252.13:443/vPBNJklEkPhL78/WUQTwqG9/DPUApmhyxhnu1Q/RA6CBIRRRf/yjv6NA/ | |
| https://185.94.252.13:443/gl922dc5vE/k7Fuici5Fhp59sPv/7eGV9W5alWx8E/ | |
| https://185.94.252.13:443/a26I1n/cv4NSDfPWdQrQo/5q7HfiZVTVc5TPi/ | |
| https://185.94.252.13:443/Xhtq/6iUDcx/GrHhOO/ | |
| https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v= | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r= | |
| https://dev.virtualearth.net/REST/v1/Routes/ | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r= | |
| https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log? | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r= | |
| http://185.94.252.13:443/cbFAILj1fel9qD/GaWj/ZtIO7gdFlsEu/ | |
| https://88.217.172.65:443/tcJHCSk1CSGeqt/Mhd9DF4XnZl7bga/vr8M1sLHi2h/ | |
| http://www.laplink.com/products/filemover/ | |
| https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v= | |
| https://dev.virtualearth.net/REST/v1/Locations | |
| https://dev.ditu.live.com/REST/v1/Locations | |
| https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen | |
| http://185.94.252.13:443/cbFAILj1fel9qD/GaWj/ZtIO7gdFlsEu/0uH | |
| https://dev.virtualearth.net/mapcontrol/logging.ashx | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r= | |
| https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx | |
| http://www.laplink.com/llgold/ | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r= | |
| http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
| http://185.94.252.13/HLeSUGHcob/ | |
| http://88.217.172.65/tcJHCSk1CSGeqt/Mhd9DF4XnZl7bga/vr8M1sLHi2h/ | |
| https://dynamic.t | |
| https://dev.virtualearth.net/REST/v1/Routes/Transit | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r= | |
| https://dev.virtualearth.net/REST/v1/Routes/Driving | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx | |
| https://t0.tiles.ditu.live.com/tiles/gen | |
| https://dev.virtualearth.net/REST/v1/Routes/Walking | |
| http://88.217.172.65:443/tcJHCSk1CSGeqt/Mhd9DF4XnZl7bga/vr8M1sLHi2h/9 | |
| http://www.laplink.com/pcmover/ | |
| http://185.94.252.13/6Sgqs/QyjA6nJJgROss9B/KRMsTzVFsGvSOg8E3fH/vsamtZPnrf15O/RNYwxDtl6nK/tsKZhfw48gQ | |
| http://www.nirsoft.net | |
| https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n= | |
| http://185.94.252.13:443/gl922dc5vE/k7Fuici5Fhp59sPv/7eGV9W5alWx8E/ | |
| https://dev.ditu.live.com/mapcontrol/logging.ashx | |
| https://dev.ditu.live.com/REST/v1/Imagery/Copyright/ | |
| http://www.laplink.com/pcsync | |
| http://185.94.252.13:443/HLeSUGHcob/ | |
| https://dev.virtualearth.net/REST/v1/Transit/Schedules/ | |
| http://88.217.172.65:443/tcJHCSk1CSGeqt/Mhd9DF4XnZl7bga/vr8M1sLHi2h/ | |
| http://www.laplink.com | |
| https://login.yahoo.com/config/login | |
| https://appexmapsappupdate.blob.core.windows.net | |
| http://www.nirsoft.net/ | |
| http://www.bingmapsportal.com | |
| https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/ | |
| http://88.217.172.65:443/tcJHCSk1CSGeqt/Mhd9DF4XnZl7bga/vr8M1sLHi2h/e | |
| https://dev.ditu.live.com/REST/v1/Routes/ | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r= | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Temp\1399.tmp |
ASCII text, with CRLF line terminators | # | |
C:\Windows\SysWOW64\MCRecvSrc\PackagedCWALauncheroe.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
C:\Windows\SysWOW64\MCRecvSrc\PackagedCWALauncherom.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
| Click to see the 12 hidden entries | |||
C:\Windows\SysWOW64\MCRecvSrc\ieapfltra75.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\ProgramData\Microsoft\Network\Downloader\edb.log |
data | # | |
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db |
Extensible storage engine DataBase, version 0x620, checksum 0xdd98f9fc, page size 16384, DirtyShutdown, Windows version 10.0 | # | |
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm |
data | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_PackagedCWALaunc_de7152f123f4355d28a9ffffcfe8879a1758e_4ccf034b_18564f39\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2BB3.tmp.dmp |
Mini DuMP crash report, 14 streams, Sat Aug 1 07:09:44 2020, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3D77.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4045.tmp.csv |
data | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4066.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER449B.tmp.txt |
data | # | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp |
ASCII text, with no line terminators | # | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log |
data | # | |
