Detection | Info |
---|---|
malicious (Score: 80) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
malicious (Score: 80) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01; Run Condition: Without Tracing |
IP | Country | Detection |
---|---|---|
23.239.31.129 | United States | |
107.175.144.243 | United States | |
199.232.192.209 | United States | |
140.82.121.3 | United States | |
104.23.98.190 | United States | |
185.199.110.154 | Netherlands | |
Name | IP | Detection |
---|---|---|
pluginserver.duckdns.org | 23.239.31.129 | |
strizzz100.duckdns.org | 107.175.144.243 | |
str-master.pw | 0.0.0.0 | |
jbfrost.live | 0.0.0.0 | |
sonatype.map.fastly.net | 199.232.192.209 | |
github.com | 140.82.121.3 | |
github-releases.githubusercontent.com | 185.199.110.154 | |
pastebin.com | 104.23.98.190 | |
repo1.maven.org | 0.0.0.0 | |
Name | Detection |
---|---|
http://www.quovadis.bm | |
http://www.quovadisglobal.com/cps | |
http://cps.chambersign.org/cps/chambersroot.html | |
http://www.certplus.com/CRL/class3P.crl | |
http://www.certplus.com/CRL/class3P.crl0 | |
http://crl.chambersign.org/chambersroot.crlK% | |
http://crl.securetrust.com/STCA.crl | |
http://str-master.pw/strigoi/server/ping.php? | |
http://www.certplus.com/CRL/class2.crl0 | |
http://www.quovadisglobal.com/cps0 | |
http://crl.xrampsecurity.com/XGCA.crl0 | |
http://trustcenter-crl.certificat2.com/Keynectis/KEYNECTIS_ROOT_CA.crl | |
http://str-master.pw/strigoi/server/ping.php?lid= | |
http://www.quovadis.bm0 | |
https://ocsp.quovadisoffshore.com0 | |
http://www.allatori.com | |
http://str-master.pw | |
http://crl.chambersign.org/chambersroot.crl | |
http://repository.swisssign.com/ | |
http://www.chambersign.org | |
https://api.github.com/_private/browser/errors | |
https://github.com/kristian/system-hook/releases/download/3.5/system-hook-3.5.jar | |
http://policy.camerfirma.com0 | |
http://str-master.pw/strigoi/server/ping.php?lid=RUGR-ATSN-D14P-VBXX-49LW | |
http://www.chambersign.org1 | |
https://repo1.maven.org/maven2/net/java/dev/jna/jna-platform/5.5.0/jna-platform-5.5.0.jar | |
http://crl.chambersign.org/chambersroot.crl0 | |
http://trustcenter-crl.certificat2.com/Keynectis/KEYNECTIS_ROOT_CA.crl0 | |
http://www.apache.org/licenses/LICENSE-2.0.txt | |
http://www.apache.org/licenses/ | |
http://www.apache.org/licenses/LICEN | |
http://www.certplus.com/CRL/class2.crl | |
http://bugreport.sun.com/bugreport/ | |
http://cps.chambersign.org/cps/chambersroot.html0 | |
http://java.oracle.com/ | |
http://null.oracle.com/ | |
http://crl.xrampsecurity.com/XGCA.crl | |
https://github-releases.githubusercontent.com/51361554/623ef000-9da4-11e9-9ea2-d90155318994?X-Amz-Al | |
http://str-master.pw/strigoi/server/ping.php | |
http://repository.swisssign.com/0 | |
https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jar | |
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5 | |
http://policy.camerfirma.com | |
http://ops.com.pa/jre7.zip | |
http://ops.com.pa/jre7.zipnf | |
https://ocsp.quovadisoffshore.com | |
https://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.14.2.1/sqlite-jdbc-3.14.2.1.jar | |
http://crl.securetrust.com/STCA.crl0 | |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Roaming\pruoglcim.txt | Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Roaming\plugins.jar | Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Roaming\lib\sqlite-jdbc-3.14.2.1.jar | Zip archive data, at least v1.0 to extract | # | |
C:\Users\user\pruoglcim.txt | Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\lib\system-hook-3.5.jard | Zip archive data, at least v1.0 to extract | # | |
C:\Users\user\lib\sqlite-jdbc-3.14.2.1.jard | Zip archive data, at least v1.0 to extract | # | |
C:\Users\user\lib\jna-platform-5.5.0.jard | Java archive data (JAR) | # | |
C:\Users\user\lib\jna-5.5.0.jard | Java archive data (JAR) | # | |
C:\Users\user\fukvowbkrs.js | ASCII text, with very long lines | # | |
C:\Users\user\AppData\Roaming\lib\system-hook-3.5.jar | Zip archive data, at least v1.0 to extract | # | |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\pruoglcim.txt | Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Roaming\lib\jna-platform-5.5.0.jar | Java archive data (JAR) | # | |
C:\Users\user\AppData\Roaming\lib\jna-5.5.0.jar | Java archive data (JAR) | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pruoglcim.txt | Zip archive data, at least v2.0 to extract | # | |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\83aa4cc77f591dfc2374580bbd95f6ba_d06ed635-68f6-4e9a-955c-4899f5f57b9a | data | # | |
C:\Users\user\AppData\Local\Temp\jna-99048687\jna822539700341149381.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\jna-99048687\jna552460949331173543.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\jna-99048687\jna3285767908382047760.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\cce3fe3b0d8d83e2.timestamp | ASCII text, with CRLF line terminators | # | |
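Two rows of the tables above are the ones a responder would turn into a check: the payload written to both Startup folders as `pruoglcim.txt` while its content is "Zip archive data" (a JAR under a text-file name), and the beacons to `/strigoi/server/ping.php` on `str-master.pw` and `jbfrost.live`. The script below is an added example for this page, not code from the sandbox report or from the sample, showing how a hunting script might apply those two indicators: it classifies files by ZIP magic bytes rather than by extension, and matches proxy-log URLs on the C2 hostnames and on the server path so the rule survives a domain rotation. The Startup directory contents, the proxy log format and the helper names are constructed for the demonstration; the URLs in the log lines are the ones listed in the report.

```python
"""Hunting helpers built from the indicators in the sandbox tables above.
Added example for this page; not code from the report or the sample."""
import io
import re
import tempfile
import zipfile
from pathlib import Path
from urllib.parse import urlsplit

# Indicators copied from the domain and URL tables of the report.
C2_DOMAINS = {
    "str-master.pw",
    "jbfrost.live",
    "pluginserver.duckdns.org",
    "strizzz100.duckdns.org",
}
C2_PATH_PREFIX = "/strigoi/server/"

# ZIP local-file-header magic. A JAR is a ZIP, which is why the report
# labels pruoglcim.txt as "Zip archive data" despite the .txt name.
ZIP_MAGIC = b"PK\x03\x04"
ARCHIVE_EXTS = {".zip", ".jar", ".war"}  # extensions that are allowed to be ZIPs


def is_zip(path: Path) -> bool:
    """True when the file starts with the ZIP magic, whatever its name says."""
    with path.open("rb") as fh:
        return fh.read(4) == ZIP_MAGIC


def find_masquerading_archives(folder: Path) -> list[str]:
    """Names of files in folder whose extension is not an archive type but
    whose content is a ZIP/JAR: the pruoglcim.txt pattern in the Startup folders."""
    hits = []
    for p in sorted(folder.iterdir()):
        if p.is_file() and p.suffix.lower() not in ARCHIVE_EXTS and is_zip(p):
            hits.append(p.name)
    return hits


def is_c2_url(url: str) -> bool:
    """Match on the listed C2 hostnames or on the strigoi server path, so the
    check still fires if the operator moves the same server layout to a new domain."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    return host in C2_DOMAINS or parts.path.startswith(C2_PATH_PREFIX)


# Constructed (hypothetical) proxy log format: timestamp client method url status
LOG_LINE = re.compile(r"^(\S+) (\S+) (GET|POST) (\S+) (\d{3})$")


def scan_proxy_log(lines: list[str]) -> list[str]:
    """Return the URLs from well-formed log lines that match the C2 indicators."""
    matches = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m and is_c2_url(m.group(4)):
            matches.append(m.group(4))
    return matches


def build_fake_jar() -> bytes:
    """A minimal real ZIP (manifest only) standing in for the dropped payload."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    return buf.getvalue()


def demo() -> dict:
    """Run both checks on constructed input and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        startup = Path(tmp)
        # Constructed Startup folder: the masquerading payload, a benign text
        # file, and an archive that is honestly named.
        (startup / "pruoglcim.txt").write_bytes(build_fake_jar())
        (startup / "readme.txt").write_text("plain text, not an archive\n")
        (startup / "tool.jar").write_bytes(build_fake_jar())
        files = find_masquerading_archives(startup)

    # Constructed log lines carrying URLs from the report's URL table.
    log = [
        "2023-10-05T12:00:01Z 10.0.0.5 GET http://str-master.pw/strigoi/server/ping.php?lid=RUGR-ATSN-D14P-VBXX-49LW 200",
        "2023-10-05T12:00:02Z 10.0.0.5 GET https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jar 200",
        "2023-10-05T12:00:03Z 10.0.0.5 GET http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5 200",
        "2023-10-05T12:00:04Z 10.0.0.5 GET http://www.apache.org/licenses/LICENSE-2.0.txt 200",
        "malformed line that the parser skips",
    ]
    return {"masquerading_files": files, "c2_urls": scan_proxy_log(log)}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The Maven, GitHub and Apache URLs in the report are the sample pulling its own dependencies (JNA, sqlite-jdbc, system-hook) and are not flagged by this check; they would only be useful as indicators in combination with the process that fetched them.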