sample1.doc
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
| IP | Country | Detection |
|---|---|---|
| 104.131.144.215 | United States |  |
| 177.130.51.198 | Brazil | |
| 91.121.87.90 | France | |
| Click to see the 1 hidden entries | ||
| 188.226.165.170 | European Union | |
| Name | Detection |
|---|---|
| http://188.226.165.170:8080/U7j2Ca9v8QUvcqf/fA93hWSHl2n7EAFUn8S/ | |
| http://91.121.87.90:8080/bLyKQv7N53vEg8HnqG/AS5OEx79Hso/vmXj5PDqWcWGmmH57b/xq6PHaeNWW7/NgA8M5zv6E4oe8nfV/ | |
| http://www.%s.comPA |  |
| Click to see the 3 hidden entries | |
| https://pornthash.mobi/videos/tayna_tung | |
| http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
| https://pornthash.mobi/videos/tayna_tung%temp%/tmp_e473b4.exex | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\Public\Ksh1.pdf |
PE32 executable (DLL) (console) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Public.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Read-Only, Directory, ctime=Tue Jul 14 02:20:08 2009, mtime=Thu Jan 14 10:26:51 2021, atime=Thu Jan 14 10:26:51 2021, length=4096, window=hide | # | |
C:\Users\Public\~WRD0004.tmp |
ASCII text, with very long lines, with CRLF line terminators | # | |
| Click to see the 16 hidden entries | |||
C:\Users\Public\~WRD0000.tmp |
ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Users\Public\~$Ksh1.xls |
data | # | |
C:\Users\Public\~$Ksh1.doc |
data | # | |
C:\Users\user\Desktop\~$ample1.doc |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\sample1.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Jan 14 10:25:30 2021, mtime=Thu Jan 14 10:25:30 2021, atime=Thu Jan 14 10:25:32 2021, length=856064, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD0001.doc |
ASCII text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Ksh1.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Jan 14 10:26:51 2021, mtime=Thu Jan 14 10:26:51 2021, atime=Thu Jan 14 10:26:52 2021, length=595972, window=hide | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E53D9D93-E64E-47DE-ADA9-74F7E4555893}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{B65D8493-1CF8-4E74-AA78-05F4F57053A0}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD3271.doc |
ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD3150.doc |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD0005.doc |
ASCII text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD0003.doc |
ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD0002.doc |
data | # | |
