Proforma invoice.doc
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
| IP | Country | Detection |
|---|---|---|
| 185.239.243.112 | Moldova Republic of |  |
| 34.98.99.30 | United States |  |
| Name | IP | Detection |
|---|---|---|
| td-balancer-euw2-6-109.wixdns.net | 35.246.6.109 | |
| fantecheo.tk | 185.239.243.112 | |
| www.urbantennis.info | 0.0.0.0 | |
| Click to see the 3 hidden entries | ||
| www.visionandcourage.com | 0.0.0.0 | |
| www.lazyguysmarketing.com | 0.0.0.0 | |
| lazyguysmarketing.com | 34.98.99.30 | |
| Name | Detection |
|---|---|
| http://fantecheo.tk/ibefrankzx.exe | |
| www.handelsbetriebposavec.com/if60/ | |
| https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBSKZM1Y&prvid=77%2 | |
| Click to see the 28 hidden entries | |
| http://servername/isapibackend.dll | |
| http://www.lazyguysmarketing.com/if60/?L0Gd9F=rhh0xc6OYmH3Bp2G4X501Z0vOdzBEjh/MlQjf2DAfTSCIAGZoC8T5uMa8yxQ1kiGUtDxZg==&fDKt=ndxXaN5XDzkTz | |
| https://support.mozilla.org | |
| http://www.autoitscript.com/autoit3 | |
| http://www.%s.comPA | |
| http://computername/printers/printername/.printer | |
| http://www.piriform.com/ccleaner | |
| http://www.msn.com/de-de/?ocid=iehp | |
| http://investor.msn.com/ | |
| http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv | |
| http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
| http://www.icra.org/vocabulary/. | |
| http://java.sun.com | |
| http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check | |
| http://www.windows.com/pctv. | |
| http://treyresearch.net | |
| http://www.hotmail.com/oe | |
| http://windowsmedia.com/redir/services.asp?WMPFriendly=true | |
| Http://www.msn.com/de-de/?ocid=iehp | |
| http://www.msn.com/?ocid=iehpLh- | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=1LMEM | |
| http://www.msn.com/?ocid=iehp=0 | |
| http://www.iis.fhg.de/audioPA | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=1 | |
| http://www.rspb.org.uk/wildlife/birdguide/name/ | |
| http://wellformedweb.org/CommentAPI/ | |
| http://www.msnbc.com/news/ticker.txt | |
| http://investor.msn.com | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\ibefrankzx[1].exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Roaming\ibefrankhq4862.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{207906E3-995B-4984-95CE-8C9C4EA99CC3}.tmp |
data | # | |
| Click to see the 5 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{D3778CDA-961A-4F4E-A09E-6641E3AF482B}.tmp |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Proforma invoice.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Aug 30 20:08:54 2021, mtime=Mon Aug 30 20:08:54 2021, atime=Mon Sep 27 20:25:14 2021, length=13744, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\Desktop\~$oforma invoice.doc |
data | # | |
