Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
IP | Country | Detection |
---|---|---|
212.162.149.27 | Netherlands | |
162.88.193.70 | United States | |
199.101.134.84 | United States | |
Click to see the 1 hidden entries | ||
172.67.188.154 | United States |
Name | IP | Detection |
---|---|---|
wsdybsskillemmulatorsdevelovercommwsity.ydns.eu | 212.162.149.27 | |
mail.salujaford.in | 199.101.134.84 | |
freegeoip.app | 172.67.188.154 | |
Click to see the 2 hidden entries | ||
checkip.dyndns.com | 162.88.193.70 | |
checkip.dyndns.org | 0.0.0.0 |
Name | Detection |
---|---|
http://wsdybsskillemmulatorsdevelovercommwsity.ydns.eu/bssdoc/win32.exe | |
http://checkip.dyndns.org/ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\win32[1].exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\tmp3B1E.tmp |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\CAyutDceUUAN.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
Click to see the 13 hidden entries | |||
C:\Users\Public\vbc.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 |
Microsoft Cabinet archive data, 58936 bytes, 1 file | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A |
data | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 |
data | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{08186652-BACB-4000-A5A0-0BCBA7498F21}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{7847433B-DE8E-4300-98F0-AE5841A8170E}.tmp |
data | # | |
C:\Users\user\AppData\Local\Temp\Cab868F.tmp |
Microsoft Cabinet archive data, 58936 bytes, 1 file | # | |
C:\Users\user\AppData\Local\Temp\Tar8690.tmp |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\LDoSTuNuHc.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Aug 26 14:08:12 2020, mtime=Wed Aug 26 14:08:12 2020, atime=Fri Oct 30 16:11:33 2020, length=28761, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\Desktop\~$oSTuNuHc.rtf |
data | # |