Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
204.11.56.48 | Virgin Islands (BRITISH) | |
91.192.100.3 | Switzerland |
Name | IP | Detection |
---|---|---|
dresson1.com | 204.11.56.48 | |
asf-ris-prod-neurope.northeurope.cloudapp.azure.com | 168.63.67.155 |
Name | Detection |
---|---|
http://dresson1.com/wip-admin/js/Panel/five/fre.php | |
http://www.ibsensoftware.com/ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\SecuriteInfo.com.Trojan.MulDrop.1161.895.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\StartUpHost.exe |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\build.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
Click to see the 4 hidden entries | |||
C:\Users\user\AppData\Roaming\Install\Host.exe |
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows | # | |
C:\Users\user\AppData\Roaming\C79A3B\B52B3F.lck |
very short file (no magic) | # | |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\bc49718863ee53e026d805ec372039e9_d06ed635-68f6-4e9a-955c-4899f5f57b9a |
data | # | |
C:\Windows\assembly\Desktop.ini |
Windows desktop.ini, ASCII text, with CRLF line terminators | # |