Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 72
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
162.159.130.233 | United States |
Name | IP | Detection |
---|---|---|
cdn.discordapp.com | 162.159.130.233 |
Name | Detection |
---|---|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authorizationdecisionzhttp://schemas.xmlsoap.o | |
https://cdn.discordapp.com | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddresszhttp://schemas.xmlsoap.org/ws/20 | |
Click to see the 30 hidden entries | |
https://github.com/Pester/Pester | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcoderhttp://schemas.xmlsoap.org/ws/2005/ | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authentication | |
https://cdn.discordapp.com4 | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/x500distinguishednamejhttp://schemas.xmlsoap.o | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince | |
http://www.apache.org/licenses/LICENSE-2.0.html$ | |
http://cdn.discordapp.com | |
https://contoso.com/ | |
https://nuget.org/nuget.exe | |
http://pesterbdd.com/images/Pester.png$ | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprintrhttp://schemas.xmlsoap.org/ws/2005/ | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
https://watson.telemetry) | |
http://upx.sf.net | |
https://github.com/Pester/Pester$ | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone | |
https://contoso.com/Icon | |
https://contoso.com/License | |
https://cdn.discordapp.com/attachments/928503440139771947/930108637681184768/Tbopbh.jpg | |
https://go.micro | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
http://crl.microsoft | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddressxhttp://schemas.xmlsoap.org/ws/200 | |
http://pesterbdd.com/images/Pester.png | |
http://nuget.org/NuGet.exe | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirthrhttp://schemas.xmlsoap.org/ws/2005 |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_stage2.exe_71132b2d46f2be7ca5f7ca27edcda1a773a522_f347d55b_0069b9d6\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER14DB.tmp.dmp |
Mini DuMP crash report, 15 streams, Mon Jan 17 10:25:36 2022, 0x1205a4 type | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER318C.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
Click to see the 11 hidden entries | |||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3611.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3hiw1gde.haw.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dfyzxky1.kbr.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kw2ltvwn.ds0.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z0qgkhds.0yb.ps1 |
very short file (no magic) | # | |
C:\Users\user\Documents\20220117\PowerShell_transcript.082561.7m2ZOLtQ.20220117022409.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\Documents\20220117\PowerShell_transcript.082561.vEnUoizJ.20220117022446.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\appcompat\Programs\Amcache.hve |
MS Windows registry file, NT/2000 or above | # | |
C:\Windows\appcompat\Programs\Amcache.hve.LOG1 |
MS Windows registry file, NT/2000 or above | # |