Engine | Download Report | Detection | Info |
---|---|---|---|
 | | malicious | |
 | | malicious, Score: 100 | |

System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IP | Country | Detection |
---|---|---|
188.166.28.199 | Netherlands | |
185.233.81.115 | Russian Federation | |
185.7.214.171 | France | |
185.186.142.166 | Russian Federation | |
94.142.143.116 | Russian Federation | |
172.67.139.105 | United States | |
86.107.197.138 | Romania | |
8.209.70.0 | Singapore | |
54.38.220.85 | France | |
162.159.133.233 | United States | |
52.101.24.0 | United States | |
144.76.136.153 | Germany | |
81.163.30.181 | Russian Federation |

Name | IP | Detection |
---|---|---|
ipwhois.app | 136.243.172.101 | |
unicupload.top | 54.38.220.85 | |
host-data-coin-11.com | 8.209.70.0 | |
patmushta.info | 94.142.143.116 | |
c9d0e790b353537889bd47a364f5acff43c11f248.xyz | 185.112.83.97 | |
cdn.discordapp.com | 162.159.133.233 | |
microsoft-com.mail.protection.outlook.com | 52.101.24.0 | |
goo.su | 172.67.139.105 | |
transfer.sh | 144.76.136.153 | |
api.telegram.org | 149.154.167.220 | |
data-host-coin-8.com | 8.209.70.0 | |
api.ip.sb | 0.0.0.0 |

Name | Detection |
---|---|
http://81.163.30.181/l3.exe | |
http://unicupload.top/install5.exe | |
http://81.163.30.181/l2.exe | |
http://185.7.214.171:8080/6.php | |
http://data-host-coin-8.com/files/9030_1641816409_7037.exe | |
http://data-host-coin-8.com/files/6961_1642089187_2359.exe | |
http://data-host-coin-8.com/files/7729_1642101604_1835.exe | |
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= | |
https://duckduckgo.com/chrome_newtab | |
http://help.disneyplus.com. | |
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= | |
https://www.tiktok.com/legal/report | |
https://watson.telemetry.microsoft | |
https://disneyplus.com/legal. | |
http://data-host-coin-8.com/game.exe | |
https://www.disneyplus.com/legal/privacy-policy | |
https://ac.ecosia.org/autocomplete?q= | |
https://www.tiktok.com/legal/report/feedback | |
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search | |
http://crl.ver) | |
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= | |
http://host-data-coin-11.com/ | |
https://www.google.com/images/branding/product/ico/googleg_lodp.ico | |
https://duckduckgo.com/ac/?q= | |
https://api.ip.sb/ip | |
https://www.disneyplus.com/legal/your-california-privacy-rights |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\A18E.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\SysWOW64\jusiylah\lnagngtg.exe (copy) | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\jcewded:Zone.Identifier | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\jcewded | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\lnagngtg.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\F5CD.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\F377.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\EB0E.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\EA4E.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\DD90.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\CB8E.exe | PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\ADE3.exe | MS-DOS executable | # | |
C:\Users\user\AppData\Local\Temp\9642.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\8152.exe | PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\5CD1.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\55A1.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\4341.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_4341.exe_a0a96da5a23a017df6ab2ee7cdd0a3d6d0621e_0e995d71_1a4c4ae2\Report.wer | Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\F377.exe.log | ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERACB0.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA7FC.tmp.WERInternalMetadata.xml | XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9F31.tmp.dmp | Mini DuMP crash report, 14 streams, Sat Jan 15 05:29:03 2022, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2E79.tmp.txt | data | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2967.tmp.csv | data | # | |