Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 92
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
142.250.181.238 | United States | |
142.250.185.129 | United States | |
23.254.131.176 | United States |
Name | IP | Detection |
---|---|---|
graphic-updater.com | 23.254.131.176 | |
drive.google.com | 142.250.181.238 | |
googlehosted.l.googleusercontent.com | 142.250.185.129 | |
Click to see the 1 hidden entries | ||
doc-0k-2o-docs.googleusercontent.com | 0.0.0.0 |
Name | Detection |
---|---|
https://graphic-updater.com/api/attacht.com | |
https://graphic-updater.com/api/req | |
https://graphic-updater.com/api/reqC | |
Click to see the 75 hidden entries | |
https://google.com/ | |
https://graphic-updater.com/api/attach/ | |
https://github.com/Pester/Pester | |
https://csp.withgoogle.com/csp/report-to/gse_l9ocg5Eh | |
https://graphic-updater.comcomV | |
https://doc-0k-2o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ot3340k8gdd9p4c62g2sf2iqkmc81t1u/1641917325000/15598710561884722261/*/1W64PQQxrwY3XjBnv_QAeBQu-ePr537eu | |
https://graphic-updater.com/api/req8 | |
https://graphic-updater.com/api/reqm64W% | |
https://graphic-updater.com/api/req7 | |
https://graphic-updater.com/api/req2 | |
https://contoso.com/Icon | |
https://google.com/a | |
https://graphic-updater.com/u | |
https://go.micro | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
http://pesterbdd.com/images/Pester.png | |
http://nuget.org/NuGet.exe | |
https://graphic-updater.com/api/reqT | |
https://graphic-updater.com/api/attachent.com | |
https://graphic-updater.com/api/reqdlli | |
https://graphic-updater.comomH | |
https://graphic-updater.comcom5 | |
https://doc-0k-2o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/ot3340k8 | |
https://graphic-updater.com/api/reqX | |
https://graphic-updater.com/api/reqV | |
https://graphic-updater.com/api/reqW | |
https://graphic-updater.com/X | |
https://csp.withgoogle.com/csp/report-to/gse_l9ocaq | |
https://graphic-updater.com/Q | |
https://graphic-updater.com/api/reqdll | |
https://graphic-updater.com/api/reqO | |
https://graphic-updater.com/P | |
https://graphic-updater.com/api/reqM | |
https://graphic-updater.com_ | |
https://graphic-updater.com/api/attachtent.com | |
https://graphic-updater.com/api/reqmx | |
https://graphic-updater.com/api/reqo | |
https://graphic-updater.com/api/reqs%qPG | |
https://drive.google.com/uc?id=1W64PQQxrwY3XjBnv_QAeBQu-ePr537eu | |
https://graphic-updater.com/api/attachM&dQ% | |
https://graphic-updater.com/api/requrlencoded | |
https://graphic-updater.com/om | |
https://graphic-updater.com/api/requrlencodedW% | |
https://graphic-updater.com/api/requ | |
https://graphic-updater.com/e6 | |
https://contoso.com/License | |
https://graphic-updater.com/comD | |
https://graphic-updater.com/5 | |
https://graphic-updater.comB | |
https://graphic-updater.com/api/reqm | |
https://graphic-updater.com/api/reqj | |
https://graphic-updater.com/m6 | |
https://doc-0k-2o-docs.googleusercontent.com/ | |
https://graphic-updater.com/api/reqd | |
https://graphic-updater.com/api/reqb | |
https://graphic-updater.com | |
https://contoso.com/ | |
https://graphic-updater.com/omX | |
https://grc-0k-2o-docs.googleusercontent.com/%%doc-0k-2o-docs.googleusercontent.com | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://crl.micr | |
https://drive.google.com/uc?id=1W64PQQxrwY3XjBnv_QAeBQu-ePr537eumgr32.dll | |
https://graphic-updater.com/ll | |
https://graphic-updater.com/api/reqch | |
https://graphic-updater.com/api/attachn5 | |
https://nuget.org/nuget.exe | |
https://graphic-updater.com/api/attach | |
http://crl.microsoft.co | |
https://drive.google.com/ | |
https://graphic-updater.com/api/reqmv1 | |
https://graphic-updater.com/om6 | |
https://graphic-updater.com/C | |
https://graphic-updater.com/api/requrlencodedz%hPF | |
https://graphic-updater.com/api/reqmj | |
https://graphic-updater.com/ |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\SystemData\igfxCUIService.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\SystemData\igfxCUIService.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\ProgramData\SystemData\tempu.txt |
ASCII text, with CRLF line terminators | # | |
Click to see the 18 hidden entries | |||
C:\Users\user\Documents\20220111\PowerShell_transcript.216554.xGYTF23B.20220111170730.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20220111\PowerShell_transcript.216554.b7XBSQRk.20220111170801.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20220111\PowerShell_transcript.216554.4pmPLteW.20220111170842.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mnb3nmgl.fjp.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ijgefb2u.3np.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hvbtqswx.dh0.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_btj2vhwe.osx.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bil51lnr.xyu.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0cfw3gdv.gvv.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\ProgramData\SystemData\temps2.txt |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\SystemData\temps1.txt |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\SystemData\tempo2.txt |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\SystemData\tempo1.txt |
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators | # | |
C:\ProgramData\SystemData\tempi2.txt |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\SystemData\tempi1.txt |
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators | # | |
C:\ProgramData\SystemData\microsoft_Windows.dll |
ASCII text, with no line terminators | # |