Engine | Download Report | Detection | Info |
---|---|---|---|
 | | malicious (Score: 64) | System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |
 | | malicious (Score: 48) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01; Run Condition: Potential for more IOCs and behavior |

IP | Country | Detection |
---|---|---|
54.84.56.113 | United States | |
52.217.43.14 | United States | |
74.125.140.154 | United States | |
45.79.137.127 | United States | |
104.16.19.94 | United States | |

Name | IP | Detection |
---|---|---|
workflowy.com | 54.84.56.113 | |
us-east-1.linodeobjects.com | 45.79.137.127 | |
s3.amazonaws.com | 52.217.43.14 | |
stats.l.doubleclick.net | 74.125.140.154 | |
cdnjs.cloudflare.com | 104.16.19.94 | |
ka-f.fontawesome.com | 0.0.0.0 | |
code.jquery.com | 0.0.0.0 | |
kit.fontawesome.com | 0.0.0.0 | |
js-agent.newrelic.com | 0.0.0.0 | |
maxcdn.bootstrapcdn.com | 0.0.0.0 | |
jamif-cdn3d.us-east-1.linodeobjects.com | 0.0.0.0 | |
bam-cell.nr-data.net | 0.0.0.0 | |
stats.g.doubleclick.net | 0.0.0.0 | |

Name | Detection |
---|---|
https://jamif-cdn3d.us-east-1.linodeobjects.com/dfce06801e1a85d6d06f1fdd4475dacd.html | |
https://html.spec.whatwg.org/multipage/syntax.html#attributes-2 | |
https://workflowy.com/s/this-doRoot | |
https://workflowy-east-1.linodeobjects.com/dfce06801e1a85d6d06f1fdd4475dacd.htmlRoot | |
https://promisesaplus.com/#point-54 | |
https://github.com/eslint/eslint/issues/3229 | |
https://promisesaplus.com/#point-57 | |
https://jsperf.com/getall-vs-sizzle/2 | |
https://workflowy.com/signup/?next=/s/this-document-is-too/Tdcv9KOl0AuohEPI | |
https://promisesaplus.com/#point-59 | |
https://code.jquery.com/jquery-3.3.1.js | |
https://code.jquery.com/jquery-3.1.1.min.js | |
https://s3.amazonaws.com/simbla-static-2/2020/11/5faba665321d68001d4fc0e4/5faba6db73aef50019af7085/Z | |
https://workflowy.com/s/this-document-is-too/Tdcv9KOl0AuohEPI | |
https://bugs.chromium.org/p/chromium/issues/detail?id=589347 | |
https://workflowy.com/s/this-document-is-too/Tdcv9KOl0AuohEPI#/7686a5f8c6e6 | |
https://drafts.csswg.org/cssom/#resolved-values | |
https://promisesaplus.com/#point-61 | |
https://promisesaplus.com/#point-64 | |
https://workflowy.com/accounts/password_reset/ | |
https://getbootstrap.com) | |
https://bugs.chromium.org/p/chromium/issues/detail?id=449857 | |
https://sizzlejs.com/ | |
https://github.com/jquery/sizzle/pull/225 | |
https://jamif-cdn3d.us | |
https://promisesaplus.com/#point-48 | |
https://workflowy.com/media/i/favicon.ico~ | |
https://github.com/twbs/bootstrap/blob/master/LICENSE) | |
https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled | |
https://bugs.webkit.org/show_bug.cgi?id=137337 | |
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | |
https://stats.g.doubleclick.net/j/collect? | |
https://jquery.com/ | |
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | |
https://s3.amazonaws.com/simbla-static-2/2020/11/5faba665321d68001d4fc0e4/5faba6db73aef50019af7085/r | |
https://jquery.org/license | |
https://developer.mozilla.org/en-US/docs/CSS/display | |
https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled | |
https://html.spec.whatwg.org/multipage/forms.html#category-listed | |
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | |
https://html.spec.whatwg.org/#strip-and-collapse-whitespace | |
https://fontawesome.com/license/free | |
https://bugs.webkit.org/show_bug.cgi?id=29084 | |
https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled | |
https://drafts.csswg.org/cssom/#common-serializing-idioms | |
https://fontawesome.comhttps://fontawesome.comFont | |
https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-a | |
https://promisesaplus.com/#point-75 | |
https://workflowy.com/login/?next=/s/this-document-is-too/Tdcv9KOl0AuohEPI | |
https://workflowy.com/s/this-document-is-too/Tdcv9KOl0AuohEPInThis | |
https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace | |
https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/ | |
https://workflowy.com/media/i/favicon.ico | |
https://workflowy.com/s/this-document-is-too/Tdcv9KOl0AuohEPIRoot | |
https://code.jquery.com/jquery-3.2.1.slim.min.js | |
https://bugs.jquery.com/ticket/12359 | |
https://jsperf.com/thor-indexof-vs-for/5 | |
http://jquery.org/license | |
https://bugs.webkit.org/show_bug.cgi?id=136851 | |
https://github.com/twbs/bootstrap/graphs/contributors) | |
https://kit.fontawesome.com/585b051251.js | |
https://bugs.jquery.com/ticket/13378 | |
http://opensource.org/licenses/MIT). | |
http://getfirefox.com | |
https://bugs.chromium.org/p/chromium/issues/detail?id=470258 | |
https://workflowy.com/login/?next=/s/this-document-is-too/Tdcv9KOl0AuohEPI&Log | |
https://bugzilla.mozilla.org/show_bug.cgi?id=687787 | |
https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon | |
https://bugs.chromium.org/p/chromium/issues/detail?id=378607 | |
https://workflowy.com/referrals/ | |
https://github.com/jquery/jquery/pull/557) | |
https://www.google.%/ads/ga-audiences? | |
https://ukrainianpolicy.ru/Dee23ope11nov/next.php | |
https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled | |
https://github.com/eslint/eslint/issues/6125 | |
https://fontawesome.com | |
https://workflowy.com/ | |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\dfce06801e1a85d6d06f1fdd4475dacd[1].htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\signup[1].htm | HTML document, ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Temp\~DFB1D5C56FF7851F42.TMP | data | | |
C:\Users\user\AppData\Local\Temp\~DF3768AA9CB305EF1C.TMP | data | | |
C:\Users\user\AppData\Local\Temp\~DF091722ACA51A2E65.TMP | data | | |
C:\Users\user\AppData\Local\Temp\Tar671E.tmp | data | | |
C:\Users\user\AppData\Local\Temp\Tar66CE.tmp | data | | |
C:\Users\user\AppData\Local\Temp\Cab671D.tmp | Microsoft Cabinet archive data, 58936 bytes, 1 file | | |
C:\Users\user\AppData\Local\Temp\Cab66CD.tmp | Microsoft Cabinet archive data, 58936 bytes, 1 file | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\7187B60E.png | PNG image data, 1420 x 1525, 8-bit/color RGB, non-interlaced | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\1WK6T6E9.txt | ASCII text | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\jquery.min[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\jquery-3.2.1.slim.min[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\jquery-3.1.1.min[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\ga[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\document_view.min[1].js | UTF-8 Unicode text, with very long lines, with NEL line terminators | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\bootstrap.min[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\bootstrap.min[1].css | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\adf9fc155506e2fa3fbf[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\KVH6AM6A.txt | ASCII text | | |
C:\Users\user\Desktop\~$Fennec Pharma.xlsx | data | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\XLJJ3868.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\XA5F7322.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\VTFEJJP0.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\THU81BG5.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\RP8HJGZS.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Q0N28S8O.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\P0VR5QOE.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\OKD2JEM2.txt | ASCII text | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\site.min[1].js | UTF-8 Unicode text, with very long lines, with LF, NEL line terminators | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\KIVMU0HH.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\HWA2M6MO.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\GNHVW6BT.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\FJQJA7G9.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\EJ38YTYP.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\C08G4TO5.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\B8LOWNP4.txt | ASCII text | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\3UUPYR02.txt | ASCII text | | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\lr5drzg\imagestore.dat | data | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\Tdcv9KOl0AuohEPI[1].htm | HTML document, ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\signup[1].htm | HTML document, ASCII text, with CRLF line terminators | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\rC56cpX1uS2qJKOxJ-5Sb8u-[1].svg | SVG Scalable Vector Graphics image | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\login[1].htm | HTML document, ASCII text, with CRLF line terminators | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\favicon[1].ico | PNG image data, 16 x 16, 4-bit colormap, non-interlaced | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\eaeea54ab7[2].js | ASCII text, with no line terminators | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\eaeea54ab7[1].js | ASCII text, with no line terminators | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\css[1].css | ASCII text | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\Tdcv9KOl0AuohEPI[1].htm | HTML document, ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZJH_2F3Xi0SopxxCuN7EKeDY[1].jpg | JPEG image data, baseline, precision 8, 1920x1080, frames 3 | | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ABFD1AF3-2BD4-11EB-ADCF-ECF4BBB5915B}.dat | Microsoft Word Document | | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9612F055-2BD4-11EB-ADCF-ECF4BBB5915B}.dat | Microsoft Word Document | | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9612F053-2BD4-11EB-ADCF-ECF4BBB5915B}.dat | Microsoft Word Document | | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\MP98E46N\workflowy[1].xml | ASCII text, with very long lines, with no line terminators | | |
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | PNG image data, 16 x 16, 4-bit colormap, non-interlaced | | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A | data | | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 | data | | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A | data | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\e42577a28f6c3e306a7f[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 | Microsoft Cabinet archive data, 58936 bytes, 1 file | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\popper.min[1].js | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\nr-1184.min[1].js | ASCII text, with very long lines, with no line terminators | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\jquery-3.3.1[1].js | ASCII text | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\free-fa-solid-900[1].eot | Embedded OpenType (EOT), Font Awesome 5 Free Solid family | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\free-fa-regular-400[1].eot | Embedded OpenType (EOT), Font Awesome 5 Free Regular family | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\favicon[1].ico | MS Windows icon resource - 6 icons, 256x256, 32 bits/pixel, 128x128, 32 bits/pixel | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\eaeea54ab7[1].gif | GIF image data, version 89a, 1 x 1 | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\6f0b670eddaac85c5e4a[1].js | UTF-8 Unicode text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\urlblockindex[1].bin | data | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\reset[1].css | ASCII text | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\print[1].css | ASCII text | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\logo-bullet-lines-blue[1].svg | SVG Scalable Vector Graphics image | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\login[1].htm | HTML document, ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\free.min[1].css | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\free-v4-shims.min[1].css | ASCII text, with very long lines | | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\eaeea54ab7[1].gif | GIF image data, version 89a, 1 x 1 | | |