Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious | |
| | malicious, Score: 100 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
IP | Country | Detection |
---|---|---|
79.134.225.71 | Switzerland |
Name | IP | Detection |
---|---|---|
emedoo.ddns.net | 79.134.225.71 |
Name | Detection |
---|---|
emedoo.ddns.net | |
127.0.0.1 | |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe:Zone.Identifier | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Devizni izvod za partiju 0050100073053.exe.log | ASCII text, with CRLF line terminators | # | |
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat | data | # | |
C:\Users\user\AppData\Roaming\AGYVBigGPY.exe:Zone.Identifier | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\AGYVBigGPY.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\tmp2011.tmp | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210512\PowerShell_transcript.284992.oeX3hsoM.20210512063048.txt | UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210512\PowerShell_transcript.284992.nr8pMLKJ.20210512063051.txt | UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210512\PowerShell_transcript.284992.hO0k8c4M.20210512063049.txt | UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210512\PowerShell_transcript.284992.9Vv_x1G2.20210512063125.txt | UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210512\PowerShell_transcript.284992.8sAzw+Dk.20210512063128.txt | UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\storage.dat | data | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\settings.bin | data | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\settings.bak | data | # | |
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\catalog.dat | data | # | |
C:\Users\user\AppData\Local\Temp\tmp864D.tmp | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zopv30bh.0qg.ps1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zm0bfdmr.3xj.ps1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v2l21i0h.hu0.ps1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_udy30vs2.d4j.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rhz4qu2t.ytv.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_l1gqcsja.gw5.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kv2bxms5.otf.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fgwq2vs1.fuu.ps1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2br1q3bz.k2u.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0nf01gm5.vvm.ps1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache | data | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\dhcpmon.exe.log | ASCII text, with CRLF line terminators | # | |