Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious, Score: 64 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| | | malicious, Score: 64 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01; Run Condition: Run with higher sleep bypass |
Name | IP | Detection |
---|---|---|
onedrive.live.com | 0.0.0.0 | |
clientconfig.passport.net | 0.0.0.0 |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Auftragsbest#U00_e3b95c6b267aed71e39879d4727ca63bf4c9e8_fd6e1fa4_1b86a4fb\Report.wer | Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER76A8.tmp.dmp | Mini DuMP crash report, 14 streams, Tue Sep 28 02:28:54 2021, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER83F7.tmp.WERInternalMetadata.xml | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8FDF.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |