ms.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 52
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 185.195.232.251 | Sweden |  |
| 104.23.98.190 | United States | |
| Name | IP | Detection |
|---|---|---|
| pastebin.com | 104.23.98.190 | |
| Name | Detection |
|---|---|
| http://pastebin.com | |
| http://downloads.sourceforge.net/astrogrep/ | |
| http://nlog-project.org/ws/ILogReceiverOneWayServer/ProcessLogMessages | |
| Click to see the 32 hidden entries | |
| http://www.gnu.org/copyleft/gpl.html#SEC3 | |
| http://astrogrep.sourceforge.net/download/ | |
| http://astrogrep.sourceforge.net/version.htmlUhttp://astrogrep.sourceforge.net/download/Whttps://sou | |
| http://nlog-project.org/ws/ | |
| http://nlog-project.org/ws/ILogReceiverServer/ProcessLogMessagesT | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
| http://nlog-project.org/dummynamespace/ | |
| https://pastebin.com | |
| http://icsharpcode.net/sharpdevelop/avalonedit#ICSharpCode.AvalonEdit.Highlighting | |
| http://nlog-project.org/ws/3 | |
| http://schemas.microsof | |
| http://icsharpcode.net/sharpdevelop/avalonedit#ICSharpCode.AvalonEdit.HighlightingQ | |
| http://nlog-project.org/ws/5 | |
| http://astrogrep.sourceforge.net | |
| http://www.gnu.org/copyleft/gpl.html | |
| https://nlog-project.org/ | |
| http://icsharpcode.net/sharpdevelop/syntaxdefinition/2008 | |
| http://icsharpcode.net/sharpdevelop/syntaxdefinition/20081Error | |
| http://icsharpcode.net/sharpdevelop/avalonedit | |
| https://pastebin.com/raw | |
| https://pastebin.com/raw/VTByvKGM | |
| http://astrogrep.sourceforge.net/Ihttp://www.gnu.org/copyleft/gpl.html | |
| http://schemas.xmlsoap.org/soap/envelope/ | |
| https://pastebin.comD83l | |
| https://pastebin.com43l | |
| https://pastebin.comD83lh; | |
| http://nsis.sf.net/NSIS_ErrorError | |
| https://www.nuget.org/packages/NLog.Web.AspNetCore | |
| http://nlog-project.org/ws/T | |
| http://downloads.sourceforge.net/astrogrep/readme.txt | |
| http://nlog-project.org/ws/ILogReceiverServer/ProcessLogMessagesResponsep | |
| http://nsis.sf.net/NSIS_Error | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Roaming\astro-grep.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # |  |
C:\Users\user\AppData\Local\Temp\ASTRO-GREP.EXE |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AstroGrep\AstroGrep.lnk |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu Apr 4 19:57:44 2019, mtime=Sun Jul 18 04:37:27 2021, atime=Thu Apr 4 19:57:44 2019, length=573440, window=hide | # | |
| Click to see the 23 hidden entries | |||
\Device\Null |
ASCII text, with CRLF line terminators, with overstriking | # | |
C:\Users\user\AppData\Local\Temp\tmp7B21.tmp.bat |
DOS batch file, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\nsq211B.tmp\nsDialogs.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\nsq211B.tmp\modern-wizard.bmp |
PC bitmap, Windows 3.x format, 164 x 314 x 4 | # | |
C:\Users\user\AppData\Local\Temp\nsq211B.tmp\System.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\nsq211B.tmp\StartMenu.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\nsq211B.tmp\LangDLL.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\ASTROGREP_SETUP_V4.4.7.EXE |
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ASTRO-GREP.EXE.log |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AstroGrep\Uninstall AstroGrep.lnk |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sun Jul 18 04:37:27 2021, mtime=Sun Jul 18 04:37:27 2021, atime=Sun Jul 18 04:37:27 2021, length=61854, window=hide | # | |
C:\Program Files (x86)\AstroGrep\AstroGrep.AdminProcess.exe |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Program Files (x86)\AstroGrep\readme.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Program Files (x86)\AstroGrep\license.txt |
ASCII text, with CRLF line terminators | # | |
C:\Program Files (x86)\AstroGrep\libAstroGrep.dll |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Program Files (x86)\AstroGrep\astrogrep.VisualElementsManifest.xml |
ASCII text, with CRLF line terminators | # | |
C:\Program Files (x86)\AstroGrep\Uninstall.exe |
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | # | |
C:\Program Files (x86)\AstroGrep\NLog.dll |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Program Files (x86)\AstroGrep\ICSharpCode.AvalonEdit.dll |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Program Files (x86)\AstroGrep\AstroGrep_256x256.png |
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | # | |
C:\Program Files (x86)\AstroGrep\AstroGrep.exe.config |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Program Files (x86)\AstroGrep\AstroGrep.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Program Files (x86)\AstroGrep\AstroGrep.Common.dll |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Program Files (x86)\AstroGrep\AstroGrep.AdminProcess.exe.config |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
