Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious (Score: 96) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| | malicious (Score: 100) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01; Run Condition: Run with higher sleep bypass |

IP | Country | Detection |
---|---|---|
64.33.128.70 | United States | |

Name | IP | Detection |
---|---|---|
maxvilletruck.com | 64.33.128.70 | |

Name | Detection |
---|---|
www.serpascarnes.com/8iwd/ | |
https://maxvilletruck.com/errorserverlogrelaapirootterminationloggercongurat/Udffvxubuutfiqkrvfkzhnjdxnhxzvn | |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\Public\Libraries\Udffvxu\Udffvxu.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFBC8.tmp.dmp | Mini DuMP crash report, 14 streams, Tue Sep 28 01:50:05 2021, 0x1205a4 type | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\Udffvxubuutfiqkrvfkzhnjdxnhxzvn[2] | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\Udffvxubuutfiqkrvfkzhnjdxnhxzvn[1] | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Udffvxubuutfiqkrvfkzhnjdxnhxzvn[1] | data | # | |
C:\Users\Public\nest.bat | ASCII text, with CRLF line terminators | # | |
C:\Users\Public\nest | ASCII text, with CRLF line terminators | # | |
C:\Users\Public\UKO.bat | ASCII text, with CRLF line terminators | # | |
C:\Users\Public\Trast.bat | ASCII text, with no line terminators | # | |
C:\Users\Public\Libraries\uxvffdU.url | MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Udffvxu\\Udffvxu.exe">), ASCII text, with CRLF line terminators | # | |
C:\Users\Public\KDECO.bat | ASCII text, with no line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_DpiScaling.exe_648f5ab1da1711bb1334cd7344bb484c9114_7e536682_1abe159a\Report.wer | Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDDDD.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD8BC.tmp.WERInternalMetadata.xml | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD417.tmp.dmp | Mini DuMP crash report, 14 streams, Tue Sep 28 01:51:00 2021, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBF1A.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB19C.tmp.WERInternalMetadata.xml | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA806.tmp.dmp | Mini DuMP crash report, 14 streams, Tue Sep 28 01:50:49 2021, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER724.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER501.tmp.WERInternalMetadata.xml | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_secinit.exe_f56c6123434aae7f359d957692c7683f1aa80c_b4caafd3_1872f6a3\Report.wer | Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mobsync.exe_6bcc80c01b68d7a1856c1d36a5714599ce5c4b73_cdf4f12b_0802d9e4\Report.wer | Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |