DHLExpress.xlsx
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
| IP | Country | Detection |
|---|---|---|
| 172.67.178.13 | United States |  |
| 156.67.74.112 | United States | |
| 3.64.163.50 | United States | |
| Click to see the 3 hidden entries | ||
| 172.67.207.77 | United States | |
| 103.167.92.57 | unknown | |
| 34.102.136.180 | United States |  |
| Name | IP | Detection |
|---|---|---|
| lauraimoveis.com | 156.67.74.112 | |
| www.chiplorain.com | 3.64.163.50 | |
| www.louisesshop.com | 172.67.207.77 | |
| Click to see the 6 hidden entries | ||
| www.atlantahousingsolutions.com | 172.67.178.13 | |
| www.heigray.xyz | 0.0.0.0 | |
| www.searakloset.com | 0.0.0.0 | |
| www.lauraimoveis.com | 0.0.0.0 | |
| heigray.xyz | 34.102.136.180 | |
| searakloset.com | 34.102.136.180 | |
| Name | Detection |
|---|---|
| http://103.167.92.57/winos11pro/vbc.exe | |
| www.searakloset.com/bc93/ | |
| http://www.chiplorain.com/bc93/?DD=h0Dd6TfP&5jMx_fYX=m45wz0yJH0eU0AdWNIhpnj7O98T4qieiIfcSO4QQLTkRI2A85Oo6eqE9guaDClHK+tDn+A== | |
| Click to see the 26 hidden entries | |
| http://www.atlantahousingsolutions.com/bc93/?5jMx_fYX=NJ8vjIFYwVF+K1Zn/AGorNaFwyaz0G/XgrC+2klBX/IapeezUPO8bi3RGsgrxJXS1LqH5g==&DD=h0Dd6TfP | |
| http://www.louisesshop.com/bc93/?DD=h0Dd6TfP&5jMx_fYX=Dtwu72sJ/YpTMebBbpFICpD7OPufwyJSP0x6RFU6mEZA3uDfPjbVMUZhI3MTljxZrpV9GA== | |
| http://www.lauraimoveis.com/bc93/?DD=h0Dd6TfP&5jMx_fYX=45pLxo9kavwG0b6/ageG5KZoyEg3RdGQG9PSgAgmCz2Hqkg+0QkW1XX316CwBWlYmM0BuA== | |
| http://nsis.sf.net/NSIS_Error | |
| http://www.icra.org/vocabulary/. | |
| http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv | |
| http://www.heigray.xyz/bc93/?5jMx_fYX=LW5horzSF3uc1GWuNtjePQyf7tqmMuH+apCXxYGRs9OB+DuQ+Cegeibn8pPPEnsybp118Q==&DD=h0Dd6TfP | |
| http://www.piriform.com/ccleaner | |
| http://computername/printers/printername/.printer | |
| http://www.%s.comPA | |
| http://www.autoitscript.com/autoit3 | |
| https://support.mozilla.org | |
| http://www.piriform.com/ccleanerv | |
| http://servername/isapibackend.dll | |
| http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous. | |
| http://www.piriform.com/c | |
| http://www.windows.com/pctv. | |
| http://java.sun.com | |
| http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check | |
| http://treyresearch.net | |
| http://www.hotmail.com/oe | |
| http://windowsmedia.com/redir/services.asp?WMPFriendly=true | |
| http://nsis.sf.net/NSIS_ErrorError | |
| http://www.searakloset.com/bc93/?5jMx_fYX=/0p52NrLw6/lfqJ/6i2KRqaclY9EGZAkl3iVYOjyKH0fSpE9MHsWsCd4MfgGNBa7PLwApw==&DD=h0Dd6TfP | |
| http://www.iis.fhg.de/audioPA | |
| http://wellformedweb.org/CommentAPI/ | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\Public\vbc.exe |
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | # | |
C:\Users\user\Desktop\~$DHLExpress.xlsx |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\vbc[1].exe |
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | # | |
| Click to see the 19 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\AFEA009A.png |
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced | # | |
C:\Users\user\AppData\Local\Temp\~DFFD99C5C606B2616A.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DFE36B8A4AA29EFAFC.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DFE331969069BCDF1E.TMP |
CDFV2 Encrypted | # | |
C:\Users\user\AppData\Local\Temp\~DF7B5C07060C74ADB0.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\nsuBDB6.tmp\vdobpgi.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\nsuBDB5.tmp |
data | # | |
C:\Users\user\AppData\Local\Temp\k1qxhyjx69ne |
data | # | |
C:\Users\user\AppData\Local\Temp\jtaloweyv |
PGP\011Secret Sub-key - | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\AADABCCF.png |
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\6C08BD32.png |
PNG image data, 135 x 175, 8-bit colormap, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\64631AC.emf |
Windows Enhanced Metafile (EMF) image data version 0x10000 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\4CA26EB5.png |
PNG image data, 139 x 180, 8-bit colormap, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\448D1084.png |
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\437A1A86.jpeg |
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames 3 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\3A2963D3.png |
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\317B23B8.png |
PNG image data, 139 x 180, 8-bit colormap, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\23270DBD.jpeg |
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames 3 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\10742059.png |
PNG image data, 135 x 175, 8-bit colormap, non-interlaced | # | |
