ASGT(Al Sahoo General Trading) - RFQ.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| Name | Detection |
|---|---|
| http://www.fontbureau.coma |  |
| http://www.zhongyicts.com.cn | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
| Click to see the 48 hidden entries | |
| http://www.sakkal.com | |
| http://nuget.org/NuGet.exe | |
| http://www.apache.org/licenses/LICENSE-2.0 | |
| http://www.fontbureau.com | |
| http://pesterbdd.com/images/Pester.png | |
| http://www.apache.org/licenses/LICENSE-2.0.html | |
| https://go.micro | |
| https://contoso.com/Icon | |
| http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s | |
| http://www.microsoft. | |
| http://www.nirsoft.net/ | |
| https://github.com/Pester/Pester | |
| http://james.newtonking.com/projects/json | |
| http://www.carterandcone.coml | |
| http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t | |
| http://www.fontbureau.com/designers/cabarga.htmlN | |
| http://www.founder.com.cn/cn | |
| http://www.fontbureau.com/designers/frere-jones.html | |
| http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0# | |
| http://www.jiyu-kobo.co.jp/ | |
| https://www.newtonsoft.com/jsonschema | |
| http://www.fontbureau.com/designers8 | |
| https://www.nuget.org/packages/Newtonsoft.Json.Bson | |
| http://www.typography.netD | |
| http://www.fontbureau.com/designers/? | |
| http://www.founder.com.cn/cn/bThe | |
| http://ocsp.sectigo.com0 | |
| http://www.fontbureau.com/designers? | |
| https://contoso.com/License | |
| http://www.tiro.com | |
| https://www.newtonsoft.com/json | |
| http://www.fontbureau.com/designers | |
| http://www.goodfont.co.kr | |
| http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0# | |
| http://google.com | |
| http://www.sajatypeworks.com | |
| http://www.fontbureau.com/designersG | |
| http://www.founder.com.cn/cn/cThe | |
| http://www.galapagosdesign.com/staff/dennis.htm | |
| http://fontfabrik.com | |
| https://contoso.com/ | |
| https://nuget.org/nuget.exe | |
| https://sectigo.com/CPS0C | |
| https://sectigo.com/CPS0D | |
| http://www.galapagosdesign.com/DPlease | |
| http://www.fonts.com | |
| http://www.sandoll.co.kr | |
| http://www.urwpp.deDPlease | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ASGT(Al Sahoo General Trading) - RFQ.exe.log |
ASCII text, with CRLF line terminators | # |  |
C:\Users\user\AppData\Local\Temp\ASGT(Al Sahoo General Trading) - RFQ.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\ASGT(Al Sahoo General Trading) - RFQ.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
| Click to see the 8 hidden entries | |||
C:\Users\user\AppData\Local\Temp\AdvancedRun.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myxpcstart.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myxpcstart.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2icawshj.zys.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ufcdmgif.vi3.ps1 |
very short file (no magic) | # | |
C:\Users\user\Documents\20210914\PowerShell_transcript.899552.sqqflWff.20210914133456.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
