Engine | Download Report | Detection | Info |
---|---|---|---|
| | | malicious | |
| | | malicious, Score: 100 | System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |

IP | Country | Detection |
---|---|---|
66.29.141.207 | United States | |
107.172.93.32 | United States | |

Name | IP | Detection |
---|---|---|
onebztip.club | 66.29.141.207 | |

Name | Detection |
---|---|
https://www.konutmarket.com/2022file_iz | |
https://onebztip.club/index.php/x | |
http://107.172.93.32/invoice/dhl_shp.wbk | |
http://107.172.93.32/309/vbc.exe | |
http://nsis.sf.net/NSIS_ErrorError | |
http://107.172.93.32/invoice/ | |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\Public\vbc.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\vbc[1].exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{95D87E15-AC65-4DDD-9F50-9A36A5790D0B}.tmp | Composite Document File V2 Document, Cannot read section info | # | |
C:\Users\user\AppData\Local\Temp\nsv7B0.tmp\System.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\Desktop\~$-AWE9934.docx | data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm | data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\x.url | MS Windows 95 Internet shortcut text (URL=<https://onebztip.club/index.php/x>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\invoice on 107.172.93.32.url | MS Windows 95 Internet shortcut text (URL=<http://107.172.93.32/invoice/>), ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat | ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\PO-AWE9934.LNK | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Aug 30 20:08:58 2021, mtime=Mon Aug 30 20:08:58 2021, atime=Fri Jan 28 18:25:16 2022, length=10338, window=hide | # | |
C:\Users\user\AppData\Local\Temp\{E15EED8A-E489-447C-AA78-2010F2F4B9A5} | data | # | |
C:\Users\user\AppData\Local\Temp\{CD1AE7DA-2A17-41D2-8189-9C674B582013} | data | # | |
C:\Users\user\AppData\Local\Temp\sxsstore.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\secur32.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\racehorse.dat | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-CNRY.FSD | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{EB971226-827B-47B0-8F41-C98C9532A108}.tmp | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{C73D7E24-0695-475A-9EE3-0951BA4BA5FE}.tmp | dBase III DBT, version number 0, next free block index 7536653 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{AF71696C-9FFE-4094-80B8-5D87621A22A7}.tmp | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2DCC5A3.wbk | data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\dhl_shp[1].wbk | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{D52C8A6F-38F1-4102-9EE5-ECDCF6278B29}.FSD | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSF-CTBL.FSF | data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\14.0\OfficeFileCache\FSD-{A7237623-5E03-4814-94FE-7F3CA262EA81}.FSD | data | # | |