Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
Name | Detection |
---|---|
http://schemas.mic |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\Y1C20.tmp |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\vmqDDCE.tmp |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Roaming\ThotvT\phoneactivate.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
Click to see the 7 hidden entries | |||
C:\Users\user\AppData\Local\Temp\33sSd.cmd |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\V8Ka.cmd |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\414045e2d09286d5db2581e0d955d358_d06ed635-68f6-4e9a-955c-4899f5f57b9a |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Conqxrew.lnk |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Apr 18 13:35:12 2022, mtime=Mon Apr 18 13:35:12 2022, atime=Wed Apr 11 22:34:36 2018, length=107504, window=hide | # | |
C:\Users\user\AppData\Roaming\ThotvT\DUI70.dll (copy) |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\System32\xs2t3d\SppExtComObj.Exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Windows\system32\xs2t3d\ACTIVEDS.dll (copy) |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # |