Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
208.91.199.225 | United States |
Name | IP | Detection |
---|---|---|
us2.smtp.mailhostbox.com | 208.91.199.225 |
Name | Detection |
---|---|
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0# | |
http://127.0.0.1:HTTP/1.1 | |
http://ocsp.sectigo.com0A | |
Click to see the 9 hidden entries | |
https://api.ipify.org%GETMozilla/5.0 | |
http://DynDns.comDynDNS | |
http://hFHvHh.com | |
https://sectigo.com/CPS0 | |
http://us2.smtp.mailhostbox.com | |
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha | |
https://wiYfivfC8nSIDolSjnz.org | |
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip | |
https://api.ipify.org%$ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DOCS.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\NXLun\NXLun.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\NXLun\NXLun.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
Click to see the 2 hidden entries | |||
C:\Windows\System32\drivers\etc\hosts |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\NXLun.exe.log |
ASCII text, with CRLF line terminators | # |