3nkW4MtwSD.rtf
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
| IP | Country | Detection |
|---|---|---|
| 198.46.199.153 | United States |  |
| 34.102.136.180 | United States |  |
| Name | IP | Detection |
|---|---|---|
| troddu.com | 162.240.31.112 | |
| www.troddu.com | 0.0.0.0 | |
| www.cuteprofessionalscrubs.com | 0.0.0.0 | |
| Click to see the 3 hidden entries | ||
| www.mountfrenchlodge.net | 0.0.0.0 | |
| cuteprofessionalscrubs.com | 34.102.136.180 | |
| mountfrenchlodge.net | 34.102.136.180 | |
| Name | Detection |
|---|---|
| www.cuteprofessionalscrubs.com/9gr5/ | |
| http://198.46.199.153/70007/vbc.exe | |
| http://computername/printers/printername/.printer | |
| Click to see the 30 hidden entries | |
| http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
| http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv | |
| http://investor.msn.com/ | |
| http://www.msn.com/?ocid=iehp | |
| http://www.msn.com/de-de/?ocid=iehp | |
| http://www.piriform.com/ccleaner | |
| http://java.sun.com | |
| http://www.%s.comPA | |
| http://www.autoitscript.com/autoit3 | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=18(P& | |
| http://www.mountfrenchlodge.net/9gr5/?gvT8Z=xQZabMU8dpACe7vSnuiwD/QS3vczr7oZL8st36+z5QOTIlaedyvl1J6mLYwfvajeV4x6zA==&wrx=KX64Xbs0GT8 | |
| http://www.msn.com/?ocid=iehps | |
| https://support.mozilla.org | |
| http://www.cuteprofessionalscrubs.com/9gr5/?gvT8Z=ywSUfm2fQGK6UvQCK3y+m09HhIkd7Ec2I38ZOQmE/hAglw7BpPTyU9WfPvviQ4VjNkYSbA==&wrx=KX64Xbs0GT8 | |
| http://servername/isapibackend.dll | |
| http://www.icra.org/vocabulary/. | |
| http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check | |
| https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBSKZM1Y&prvid=77%2 | |
| http://treyresearch.net | |
| http://www.hotmail.com/oe | |
| http://windowsmedia.com/redir/services.asp?WMPFriendly=true | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=1-220 | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=1LMEM | |
| http://www.iis.fhg.de/audioPA | |
| https://contextual.media.net/medianet.php?cid=8CUT39MWR&crid=715624197&size=306x271&https=1 | |
| http://wellformedweb.org/CommentAPI/ | |
| http://www.msnbc.com/news/ticker.txt | |
| http://investor.msn.com | |
| http://www.msn.com/?ocid=iehpg | |
| http://www.windows.com/pctv. | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\vbc[1].exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{85338F29-7DEE-45E7-AE54-3AA1C7FBE740}.tmp |
Composite Document File V2 Document, Cannot read section info | # | |
C:\Users\Public\vbc.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
| Click to see the 6 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{105A16FA-9724-40E9-B86D-EF139A6795E6}.tmp |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{B3E201F6-E172-4FB7-8EA2-C5E78A0177C3}.tmp |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\3nkW4MtwSD.LNK |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Fri Nov 26 00:24:08 2021, mtime=Fri Nov 26 00:24:08 2021, atime=Fri Nov 26 00:24:12 2021, length=22268, window=hide | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm |
data | # | |
C:\Users\user\Desktop\~$kW4MtwSD.rtf |
data | # | |
