C.V_Job Request.doc
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
|
|
|
clean
0/100
|
| IP | Country | Detection |
|---|---|---|
| 2.56.59.211 | Netherlands |  |
| Name | IP | Detection |
|---|---|---|
| binatonezx.tk | 2.56.59.211 | |
| www.lenovoidc.com | 0.0.0.0 | |
| Name | Detection |
|---|---|
| www.agentpathleurre.space/s18y/ | |
| http://binatonezx.tk/seasonzx.exe | |
| http://www.msn.com/de-de/?ocid=iehp_2P& |  |
| Click to see the 27 hidden entries | |
| http://servername/isapibackend.dll | |
| https://support.mozilla.org | |
| http://www.msn.com/de-de/?ocid=iehpT2P& | |
| http://www.autoitscript.com/autoit3 | |
| http://www.%s.comPA | |
| http://go.microsoft.c | |
| http://computername/printers/printername/.printer | |
| http://www.piriform.com/ccleaner | |
| http://www.msn.com/?ocid=iehp | |
| http://investor.msn.com/ | |
| http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv | |
| http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
| http://www.windows.com/pctv. | |
| http://www.icra.org/vocabulary/. | |
| http://java.sun.com | |
| http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check | |
| http://www.collada.org/2005/11/COLLADASchema9Done | |
| https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBSKZM1Y&prvid=77%2 | |
| http://treyresearch.net | |
| http://www.hotmail.com/oe | |
| http://windowsmedia.com/redir/services.asp?WMPFriendly=true | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=1LMEM | |
| http://www.iis.fhg.de/audioPA | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=1 | |
| http://wellformedweb.org/CommentAPI/ | |
| http://www.msnbc.com/news/ticker.txt | |
| http://investor.msn.com | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\seasonzx[1].exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{4A35DA17-E94D-4691-827C-120A276E213C}.tmp |
Composite Document File V2 Document, Cannot read section info | # | |
C:\Users\user\AppData\Roaming\seasonhd72463.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
| Click to see the 7 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{7F12DB12-48BF-46DA-B084-D7B910635C9B}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{99A74BA1-7084-4250-8A29-E85A11395DDC}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BE99F549-07B9-491A-8DB9-68BEA2AC23A8}.tmp |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\C.V_Job Request.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Aug 30 20:08:58 2021, mtime=Mon Aug 30 20:08:58 2021, atime=Wed Oct 27 22:42:17 2021, length=445393, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\Desktop\~$V_Job Request.doc |
data | # | |
