Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
79.134.225.7 | Switzerland |
Name | IP | Detection |
---|---|---|
james12.ddns.net | 79.134.225.7 |
Name | Detection |
---|---|
127.0.0.1 | |
james12.ddns.net | |
https://contoso.com/ | |
Click to see the 16 hidden entries | |
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css | |
https://github.com/Pester/Pester | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://www.microsoft.cow: | |
https://contoso.com/Icon | |
https://contoso.com/License | |
https://nuget.org/nuget.exe | |
http://nuget.org/NuGet.exe | |
http://schemas.xmlsoap.org/wsdl/ | |
http://www.microsoft.uc | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
http://schemas.xmlsoap.org/soap/encoding/ | |
http://crl.D | |
http://pesterbdd.com/images/Pester.png | |
http://logo.veris | |
http://crl.m |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\hbvo9thTAX.exe.log |
ASCII text, with CRLF line terminators | # | |
Click to see the 24 hidden entries | |||
C:\Users\user\AppData\Roaming\QeANuFTFqbK.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\QeANuFTFqbK.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat |
data | # | |
C:\Users\user\AppData\Local\Temp\tmpABAD.tmp |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210403\PowerShell_transcript.134349.mbI4G_ed.20210403192711.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210403\PowerShell_transcript.134349.mGBKDpXQ.20210403192735.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210403\PowerShell_transcript.134349.lSfpxzZ7.20210403192730.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210403\PowerShell_transcript.134349._m_N6GZ+.20210403192708.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210403\PowerShell_transcript.134349.Jo7+hiPB.20210403192707.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\storage.dat |
data | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\catalog.dat |
data | # | |
C:\Users\user\AppData\Local\Temp\tmp3FE.tmp |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zawy1uep.upl.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ujmi11ov.11q.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rj0cfrkv.v0m.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pzx2opuj.bcr.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pyrii040.scl.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nbbpxawf.xpy.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lyd25ghk.v0e.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lmafyeex.kax.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k4mlodfs.k4y.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ajzbn5nt.ie4.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\dhcpmon.exe.log |
ASCII text, with CRLF line terminators | # |