Engine | Download Report | Detection | Info |
---|---|---|---|
 | | malicious (Score: 100) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |

IP | Country | Detection |
---|---|---|
185.228.233.17 | Russian Federation | |

Name | IP | Detection |
---|---|---|
gtr.antoinfer.com | 185.228.233.17 | |
app.flashgameo.at | 185.228.233.17 | |
resolver1.opendns.com | 208.67.222.222 | |

Name | Detection |
---|---|
http://gtr.antoinfer.com/FXZ4lJvs/pnPhoUboMRVeoTe_2BxFQHV/VrMabiiED1/fjSHMBnhaHvqGkBru/BBTTQ6QwiwG2/i_2B4XLvHY3/zQLJ0W4RRFNlvQ/B3u_2FSgrcZQDj_2BbFWa/Bx8WB7z_2BuLUgre/PCgyAB0W6V5ZAPj/EUhKDrtuQoVEfKF_2F/dcW7lxG1t/oqJkrgpYdakzYVLuFura/45KMjCH_2BPWhKVH2At/F3l8q550AYqbFa84glQVmt/K2gCe0Lr0TKfs/y_2FaOCB/ygw2OjZ6hu69MXjNR4EuLCN/Av5n84Tspg/9rzu_2F5EAjaDhz2A/PQ8PWyfZ/9t_2F | |
http://gtr.antoinfer.com/08OjUeXqnP9/J746P5EGkluNVd/IJ_2B0pRlg5g_2Fpunyf_/2BXLVHvYLaERgrs5/6QTGZHoxYTnKCap/ZPQAuenP_2FyJ6hWxg/pWql_2F5l/kLJRoq5u3UoR4652KiHp/EmofwTCfdG6EODl70rf/KEalVhNFb6NVkmQGTmfz_2/B7kttRIp_2Bne/TjMfdOpf/19l29_2BHFRm1Q66bkvKZWZ/DZZfqXshBY/y14LEgOTtytG3Ix8L/xeX8bRPtnh6u/r2W_2BXkRqN/peDwoZDDU11DTW/WVHbt8_2BPQcYfD7tFwK0/zJnaF28QV4LV_2F7/vA9Gd_2F8SeHe3M/sh52_2Bep9d5h/oiu8Z2yw | |
http://gtr.antoinfer.com/mTRcVo1kR/Y_2FA_2BfssGFqVyATv2/Ha48GIz6nIiYpIeUH4v/_2FG2EmK4VeNaMJVBDrk0J/_2B1TzmrJnGIJ/nya_2F8I/cdZf2M97sVJPBZwkgGorhXf/mRYeY9vLlb/ql65kRpFXqGZwBQer/rXMufQHq_2FU/nIy69w6PhML/8J3AhNFQ4Jy96G/w5vhfh_2BIJ7d9IoLb98y/oKxTbr81HhqnJ1L1/Jh1VS63mbokZ6cg/EiF4xFifMJVfOHV2Q_/2FlZvyJ76/jzog_2BoRPm_2FGOWmRI/FPnBmD_2BoCBmqUOVLw/rpKEm_2F86qO2njAFbe3qJ/1v9sWMzqblkv_/2F_2BDgW007d7/LtA8 | |
http://gtr.antoinfer.com/DeX5GWZg0Peq/7NgceSVLwb_/2FKBdrhD_2BrPB/8c1uiDVblu0VRxOwf86RB/7RlrJfNAcSl8yK9M/_2BR6tZsQdJK7DQ/0XeQ_2FDLrv1nAxzaB/T3xKAFAr_/2Fp4Ltq73VjaHHoQztD1/x183TFWpQzC6_2F2n_2/FW_2BJ7_2BLURkcNjyg4hv/iERXmjmDxZ_2B/MqlUCL1c/d0YTAfP_2B2t_2FpDPiA4C7/kp7kRE_2BM/6ThuCNdgd0HyvWufQ/x61l_2FymcLS/YGjjC9Byoh4/QKUChdjQOX9Lh8/tWuTsS4vrxaovoeb8MTe0/n0ug3jEb10v8CjXy/4y_2Bffi5hDHF4e/taOpwFWZ_2FIS/gE | |
http://nuget.org/NuGet.exe | |
http://constitution.org/usdeclar.txt | |
http://pesterbdd.com/images/Pester.png | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
https://contoso.com/ | |
https://nuget.org/nuget.exe | |
http://constitution.org/usdeclar.txtC: | |
https://contoso.com/License | |
https://contoso.com/Icon | |
http://https://file://USER.ID%lu.exe/upd | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
https://github.com/Pester/Pester | |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.0.cs | UTF-8 Unicode (with BOM) text | # | |
C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.cmdline | UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.0.cs | UTF-8 Unicode (with BOM) text | # | |
C:\Users\user\Documents\20210803\PowerShell_transcript.472847.skhGMmiY.20210803202633.txt | UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20210803\PowerShell_transcript.472847.9H_WKwxk.20210803202644.txt | UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.out | ASCII text, with CRLF, CR line terminators | # | |
C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.cmdline | UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\vbpfsg54\CSCC3210ABFD4B4742A7EBA7934EB0D0.TMP | MSVC .res | # | |
C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.out | ASCII text, with CRLF, CR line terminators | # | |
C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.0.cs | UTF-8 Unicode (with BOM) text | # | |
C:\Users\user\AppData\Local\Temp\senxb4p4\CSCD728609DA3104BA4891CE07457BF77DE.TMP | MSVC .res | # | |
C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.out | ASCII text, with CRLF, CR line terminators | # | |
C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.cmdline | UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache | data | # | |
C:\Users\user\AppData\Local\Temp\jqkof1ka\CSCA3035077FC7544A28C7D2FD8A94650.TMP | MSVC .res | # | |
C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.out | ASCII text, with CRLF, CR line terminators | # | |
C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.cmdline | UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.0.cs | UTF-8 Unicode (with BOM) text | # | |
C:\Users\user\AppData\Local\Temp\fedhsvoj\CSC2C7CB35724FE4D03B8B83A389D1E5FE.TMP | MSVC .res | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xugd3ey5.3ho.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vb04gpdl.oyg.ps1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lusmgaxq.saw.psm1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0w25flno.lby.ps1 | very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\RESE546.tmp | data | # | |
C:\Users\user\AppData\Local\Temp\RESCE3.tmp | data | # | |
C:\Users\user\AppData\Local\Temp\RES419.tmp | data | # | |
C:\Users\user\AppData\Local\Temp\RES278F.tmp | data | # | |
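The dropped-file list above is the kind of input an analyst triages by hand; the following Python is an added example (not part of the sandbox report, and not the sandbox vendor's code) that does that grouping automatically. It flags the artifact set PowerShell's Add-Type leaves behind when it compiles C# through csc.exe (a random eight-character Temp subdirectory holding .cs, .cmdline, .out, .dll and a CSC<hex>.TMP resource file), the RES<hex>.tmp files that csc.exe's resource step typically writes, the __PSScriptPolicyTest_* probe files PowerShell creates when it checks script-enforcement policy, and the PowerShell transcripts. The sample paths are copied from the table; the function names, regex bounds and the directory-name heuristic are this example's own assumptions.

```python
"""Triage helper for a sandbox dropped-file list (added example; not part of the report)."""
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Constructed input: paths copied from the "Dropped files" table above.
SAMPLE_PATHS = [
    r"C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.0.cs",
    r"C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.cmdline",
    r"C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.0.cs",
    r"C:\Users\user\Documents\20210803\PowerShell_transcript.472847.skhGMmiY.20210803202633.txt",
    r"C:\Users\user\Documents\20210803\PowerShell_transcript.472847.9H_WKwxk.20210803202644.txt",
    r"C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.out",
    r"C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.dll",
    r"C:\Users\user\AppData\Local\Temp\vbpfsg54\vbpfsg54.cmdline",
    r"C:\Users\user\AppData\Local\Temp\vbpfsg54\CSCC3210ABFD4B4742A7EBA7934EB0D0.TMP",
    r"C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.out",
    r"C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.dll",
    r"C:\Users\user\AppData\Local\Temp\senxb4p4\senxb4p4.0.cs",
    r"C:\Users\user\AppData\Local\Temp\senxb4p4\CSCD728609DA3104BA4891CE07457BF77DE.TMP",
    r"C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.out",
    r"C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.dll",
    r"C:\Users\user\AppData\Local\Temp\jqkof1ka\jqkof1ka.cmdline",
    r"C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache",
    r"C:\Users\user\AppData\Local\Temp\jqkof1ka\CSCA3035077FC7544A28C7D2FD8A94650.TMP",
    r"C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.out",
    r"C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.dll",
    r"C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.cmdline",
    r"C:\Users\user\AppData\Local\Temp\fedhsvoj\fedhsvoj.0.cs",
    r"C:\Users\user\AppData\Local\Temp\fedhsvoj\CSC2C7CB35724FE4D03B8B83A389D1E5FE.TMP",
    r"C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xugd3ey5.3ho.psm1",
    r"C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vb04gpdl.oyg.ps1",
    r"C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lusmgaxq.saw.psm1",
    r"C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0w25flno.lby.ps1",
    r"C:\Users\user\AppData\Local\Temp\RESE546.tmp",
    r"C:\Users\user\AppData\Local\Temp\RESCE3.tmp",
    r"C:\Users\user\AppData\Local\Temp\RES419.tmp",
    r"C:\Users\user\AppData\Local\Temp\RES278F.tmp",
]

# What csc.exe writes when Add-Type invokes it: the generated source, the response file
# (.cmdline), compiler output (.out), the assembly (.dll) and a CSC<hex>.TMP resource file,
# all inside a Temp subdirectory whose name is eight random characters (assumed bounds).
CSC_EXTS = {".cs", ".cmdline", ".out", ".dll"}
CSC_RES_RE = re.compile(r"^CSC[0-9A-F]{24,32}\.TMP$", re.IGNORECASE)
RANDOM_DIR_RE = re.compile(r"^[a-z0-9]{8}$")
# RES<hex>.tmp directly in Temp is typically left by cvtres.exe, which csc.exe runs for resources.
CVTRES_RE = re.compile(r"^RES[0-9A-F]{1,4}\.tmp$", re.IGNORECASE)


def classify_dropped_files(paths):
    """Group paths by directory and return the artifact classes found, each as a sorted list."""
    by_dir = defaultdict(list)
    for p in paths:
        wp = PureWindowsPath(p)
        by_dir[str(wp.parent)].append(wp.name)

    findings = {
        "csc_compile_dirs": [],  # Temp subdirs holding a complete Add-Type/csc.exe artifact set
        "cvtres_res_tmp": [],    # RES<hex>.tmp files from the resource step
        "ps_policy_tests": [],   # __PSScriptPolicyTest_*: PowerShell probing script-enforcement policy
        "ps_transcripts": [],    # PowerShell_transcript.*.txt: transcription logging was enabled
    }
    for d, names in by_dir.items():
        dirname = PureWindowsPath(d).name
        exts = {PureWindowsPath(n).suffix.lower() for n in names}
        has_res = any(CSC_RES_RE.match(n) for n in names)
        # Require the full set: a lone .cs or .dll in a random directory is not enough evidence.
        if RANDOM_DIR_RE.match(dirname) and CSC_EXTS <= exts and has_res:
            findings["csc_compile_dirs"].append(dirname)
    for p in paths:
        name = PureWindowsPath(p).name
        if CVTRES_RE.match(name):
            findings["cvtres_res_tmp"].append(name)
        elif name.startswith("__PSScriptPolicyTest_"):
            findings["ps_policy_tests"].append(name)
        elif name.startswith("PowerShell_transcript."):
            findings["ps_transcripts"].append(name)
    for items in findings.values():
        items.sort()
    return findings


def triage_summary(paths):
    """Counts an analyst would put in a report: how many in-memory compiles, transcripts, probes."""
    f = classify_dropped_files(paths)
    return {
        "add_type_compiles": len(f["csc_compile_dirs"]),
        "transcripts": len(f["ps_transcripts"]),
        "policy_probes": len(f["ps_policy_tests"]),
    }


if __name__ == "__main__":
    for key, items in classify_dropped_files(SAMPLE_PATHS).items():
        print(f"{key}: {items}")
    print(triage_summary(SAMPLE_PATHS))
```

On this report the grouping yields four complete csc.exe artifact sets (vbpfsg54, senxb4p4, jqkof1ka, fedhsvoj), i.e. four separate Add-Type compilations, which is the pivot to look for in process telemetry as powershell.exe spawning csc.exe. The ModuleAnalysisCache entry is ordinary PowerShell housekeeping and is deliberately left unclassified.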