Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
208.51.62.42 | United States |
Name | IP | Detection |
---|---|---|
purelai.store | 208.51.62.42 | |
www.purelai.store | 0.0.0.0 | |
www.archedbeautynw.com | 192.185.0.218 |
Name | Detection |
---|---|
http://www.purelai.store/p2r0/?U2JXS=kHZbGirW+rtifSnrplUrhxYS41BJcQ1JCeh0wMn6PQuFvfZqsbftW9WXbX4R7rV3sWuJ&cH=-ZeTxXnX | |
www.purelai.store/p2r0/ | |
https://wildcard.hostgator.com/p2r0/?U2JXS=zl7ruCTqPiUCF1L | |
Click to see the 1 hidden entries | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\QUOTATION.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\tmp8E88.tmp |
XML 1.0 document, ASCII text | # | |
C:\Users\user\AppData\Roaming\lQdAGavApIJoo.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
Click to see the 5 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0nyncxzs.h2v.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_oorirpyr.0hv.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Roaming\lQdAGavApIJoo.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\Documents\20211202\PowerShell_transcript.609290.OySUyLIk.20211202195435.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # |