Form - Oct 29, 2020.doc
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
| IP | Country | Detection |
|---|---|---|
| 102.182.145.130 | South Africa |  |
| 14.225.7.217 | Viet Nam | |
| Name | IP | Detection |
|---|---|---|
| tuankhoi.com | 14.225.7.217 | |
| Name | Detection |
|---|---|
| http://102.182.145.130/VVhjKmU/bBqBvFQP6besZN/swV3I7shnPl/FtETbO3hJ/XqAjL1H0yTbuRm/fQTWPcj0YCx0Z8cYcdB/ | |
| http://tuankhoi.com/wp-content/CI2oG/ | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\Gzcs8b5\Eempwrr\J3pw9s.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # |  |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{0E9A9637-30AB-4901-9D2A-3CE504568F55}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BE6F6891-AA40-4E61-A6A8-E94B36BC975F}.tmp |
data | # | |
| Click to see the 6 hidden entries | |||
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Form - Oct 29, 2020.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Aug 26 14:08:12 2020, mtime=Wed Aug 26 14:08:12 2020, atime=Fri Oct 30 10:14:32 2020, length=246272, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\2D989A727A4DCF6RS4EK.temp |
data | # | |
C:\Users\user\Desktop\~$rm - Oct 29, 2020.doc |
data | # | |
