Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
185.157.160.136 | Sweden |
Name | Detection |
---|---|
http://nuget.org/NuGet.exe | |
http://www.vb-helper.com/vba.htm | |
http://pesterbdd.com/images/Pester.png | |
Click to see the 9 hidden entries | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
https://github.com/Pester/Pester | |
http://schemas.microsof | |
https://curl.haxx.se/docs/http-cookies.html | |
https://contoso.com/ | |
https://nuget.org/nuget.exe | |
https://contoso.com/License | |
https://contoso.com/Icon |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local:28-09-2021 |
ASCII text, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\mmybgd.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\bp\bg.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
Click to see the 6 hidden entries | |||
C:\Users\user\AppData\Roaming\cf\ct.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wp4lsxaf.jau.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yyk0woll.01u.psm1 |
very short file (no magic) | # | |
C:\Users\user\Documents\20210928\PowerShell_transcript.088753.vlQ_yutw.20210928072352.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # |