Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 88
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
|
|
malicious
Score: 88
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Potential for more IOCs and behavior
|
IP | Country | Detection |
---|---|---|
51.15.56.22 | France |
Name | IP | Detection |
---|---|---|
gupta-foods.xyz | 51.15.56.22 | |
gupta-airways.icu | 51.15.56.22 | |
gupta-technologies.sbs | 51.15.56.22 |
Name | Detection |
---|---|
http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check | |
http://www.windows.com/pctv. | |
http://investor.msn.com | |
Click to see the 8 hidden entries | |
http://www.msnbc.com/news/ticker.txt | |
http://www.%s.comPA | |
http://www.icra.org/vocabulary/. | |
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
http://windowsmedia.com/redir/services.asp?WMPFriendly=true | |
http://www.hotmail.com/oe | |
http://servername/isapibackend.dll | |
http://investor.msn.com/ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\Desktop\sample2.xls.xls |
Composite Document File V2 Document, Little Endian, Os: MacOS, Version 6.11, Code page: -535, Last Saved By: Microsoft Office User, Name of Creating Application: Microsoft Macintosh Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Da (…) | # | |
C:\Users\user\AppData\Local\Temp\7D1C.tmp |
Composite Document File V2 Document, Cannot read section info | # | |
C:\Users\user\AppData\Local\Temp\~DF30EC3661E732423E.TMP |
data | # | |
Click to see the 1 hidden entries | |||
C:\Users\user\AppData\Local\Temp\~DF6FA4235239FD3AE0.TMP |
data | # |