PO-003785GMHN.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 96
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
|
|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Run with higher sleep bypass
|
| IP | Country | Detection |
|---|---|---|
| 64.33.128.70 | United States |  |
| Name | IP | Detection |
|---|---|---|
| maxvilletruck.com | 64.33.128.70 | |
| Name | Detection |
|---|---|
| www.serpascarnes.com/8iwd/ |  |
| https://maxvilletruck.com/errorserverlogrelaapirootterminationloggercongurat/Udffvxubuutfiqkrvfkzhnjdxnhxzvn | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\Public\Libraries\Udffvxu\Udffvxu.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFBC8.tmp.dmp |
Mini DuMP crash report, 14 streams, Tue Sep 28 01:50:05 2021, 0x1205a4 type | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\Udffvxubuutfiqkrvfkzhnjdxnhxzvn[2] |
data | # | |
| Click to see the 19 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\Udffvxubuutfiqkrvfkzhnjdxnhxzvn[1] |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Udffvxubuutfiqkrvfkzhnjdxnhxzvn[1] |
data | # | |
C:\Users\Public\nest.bat |
ASCII text, with CRLF line terminators | # | |
C:\Users\Public\nest |
ASCII text, with CRLF line terminators | # | |
C:\Users\Public\UKO.bat |
ASCII text, with CRLF line terminators | # | |
C:\Users\Public\Trast.bat |
ASCII text, with no line terminators | # | |
C:\Users\Public\Libraries\uxvffdU.url |
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Udffvxu\\Udffvxu.exe">), ASCII text, with CRLF line terminators | # | |
C:\Users\Public\KDECO.bat |
ASCII text, with no line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_DpiScaling.exe_648f5ab1da1711bb1334cd7344bb484c9114_7e536682_1abe159a\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDDDD.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD8BC.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD417.tmp.dmp |
Mini DuMP crash report, 14 streams, Tue Sep 28 01:51:00 2021, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBF1A.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB19C.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA806.tmp.dmp |
Mini DuMP crash report, 14 streams, Tue Sep 28 01:50:49 2021, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER724.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER501.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_secinit.exe_f56c6123434aae7f359d957692c7683f1aa80c_b4caafd3_1872f6a3\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mobsync.exe_6bcc80c01b68d7a1856c1d36a5714599ce5c4b73_cdf4f12b_0802d9e4\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
