Full Report | Management Report | IOC Report | Engine | Info | Verdict | Score | Reports |
---|---|---|---|---|---|---|---|
![]() |
|||||||
![]() |
System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
![]() |
100/100
|
||||
![]() |
13/44
|
IP | Country | Detection |
---|---|---|
104.23.99.190 | United States | ![]() |
194.5.97.173 | Netherlands | ![]() |
104.23.98.190 | United States | ![]() |
Name | IP | Detection |
---|---|---|
1.ispnano.dns-cloud.net | 194.5.97.173 | ![]() |
pastebin.com | 104.23.98.190 | ![]() |
Name | Detection |
---|---|
https://go.micro | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authorizationdecisionzhttp://schemas.xmlsoap.o | ![]() |
https://pastebin.com/raw/W63zsRav | ![]() |
Click to see the 16 hidden entries | |
http://logo.vGs | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone | ![]() |
https://go.microd | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprintrhttp://schemas.xmlsoap.org/ws/2005/ | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddresszhttp://schemas.xmlsoap.org/ws/20 | ![]() |
http://crl.globalsi7 | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcoderhttp://schemas.xmlsoap.org/ws/2005/ | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authentication | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirthrhttp://schemas.xmlsoap.org/ws/2005 | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/x500distinguishednamejhttp://schemas.xmlsoap.o | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid | ![]() |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddressxhttp://schemas.xmlsoap.org/ws/200 | ![]() |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | ![]() |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat |
ISO-8859 text, with no line terminators | # | ![]() |
Click to see the 18 hidden entries | |||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\shipping order#.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\shipping order#.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | ![]() |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9DEE.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | ![]() |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB3D9.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | ![]() |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBDF.tmp.dmp |
Mini DuMP crash report, 15 streams, Fri Jan 8 17:29:22 2021, 0x1205a4 type | # | ![]() |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_brge2zcm.hwd.ps1 |
very short file (no magic) | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_czsau0n1.mqj.psm1 |
very short file (no magic) | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e04p2qly.o2t.ps1 |
very short file (no magic) | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fraa5aiu.gcp.psm1 |
very short file (no magic) | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_harhvbow.ned.psm1 |
very short file (no magic) | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pilnwesf.xu0.ps1 |
very short file (no magic) | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x2khrpam.ug2.ps1 |
very short file (no magic) | # | ![]() |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yf4s2bry.3jw.psm1 |
very short file (no magic) | # | ![]() |
C:\Users\user\Documents\20210108\PowerShell_transcript.701188.Laubqkk7.20210108182807.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | ![]() |
C:\Users\user\Documents\20210108\PowerShell_transcript.701188.ONgqdUkt.20210108182809.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | ![]() |
C:\Users\user\Documents\20210108\PowerShell_transcript.701188.nGv+RGBh.20210108182808.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | ![]() |
C:\Users\user\Documents\20210108\PowerShell_transcript.701188.tt6CRrQ7.20210108182806.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | ![]() |