Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
IP | Country | Detection |
---|---|---|
172.67.8.238 | United States | |
79.134.225.26 | Switzerland | |
172.245.45.28 | United States | |
104.22.1.232 | United States |
Name | IP | Detection |
---|---|---|
cutt.ly | 172.67.8.238 | |
nta.hopto.org | 172.245.45.28 | |
nassiru1166main.ddns.net | 0.0.0.0 |
Name | Detection |
---|---|
79.134.225.26 | |
nassiru1166main.ddns.net | |
http://nta.hopto.org/reg/vbc.exe | |
https://cutt.ly/dbzEXdF | |
http://nta.hopto.org/reg/v.dot | |
http://www.%s.comPA | |
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
http://nta.hopto.org/reg/ | |
https://github.com/unguest | |
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css | |
https://github.com/unguest9WinForms_RecursiveFormCreate5WinForms_SeeInnerExceptionGProperty |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\Public\vbc.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\vbc[1].exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\v[1].doc | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\3B75759.doc | data | # | |
C:\Users\user\AppData\Roaming\EA860E7A-A87F-4A88-92EF-38F744458171\run.dat | data | # | |
C:\Users\user\AppData\Local\Temp\{542180A0-A252-45A6-9AB6-97F222355736} | data | # | |
C:\Users\user\Desktop\~$1e3984_by_Libranalysis.docx | data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\KCZ27U86.txt | ASCII text | # | |
C:\Users\user\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex | Little-endian UTF-16 Unicode text, with no line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm | data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\reg on nta.hopto.org.url | MS Windows 95 Internet shortcut text (URL=<http://nta.hopto.org/reg/>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\dbzEXdF.url | MS Windows 95 Internet shortcut text (URL=<https://cutt.ly/dbzEXdF>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\471e3984_by_Libranalysis.LNK | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon May 3 20:30:28 2021, mtime=Mon May 3 20:30:28 2021, atime=Mon May 3 20:30:34 2021, length=10310, window=hide | # | |
C:\Users\user\AppData\Local\Temp\{B4AE6734-762A-4AC3-86CE-9329F6012CCF} | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-CNRY.FSD | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DD41239A-D6DE-42E0-947A-6C3BAA1EDCFF}.tmp | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{9CA5B12C-492C-4E57-AE2D-0E7798ADDEF4}.tmp | dBase III DBT, version number 0, next free block index 7536653 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8AE4CB73-349E-46EF-BF24-C3A751787722}.tmp | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{45D439A1-3537-4B88-BE41-836CEF25E81A}.FSD | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSF-CTBL.FSF | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-{F68D7747-BDFB-4414-9397-CF20B10DDA5F}.FSD | data | # |