xaj0e933Uv.dll
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 185.189.151.28 | Switzerland |  |
| Name | IP | Detection |
|---|---|---|
| l-0007.l-dc-msedge.net | 13.107.43.16 | |
| Name | Detection |
|---|---|
| http://185.189.151.28/drew/DI9hOfnq4sis3AGOPt/_2FSN_2BC/vQMmpDQPqFMgJd7cY2BM/bpPiaoMoE2NRqo_2F46/T_2F2moLttcApM2j8JSDhs/WTmAL93U1NjUV/LMXna7GA/0XrWXSOJuSDBIpGqh8yB0Uw/8wBvAy1ROY/CU6_2BgS3mg1oC_2F/fr7BBq_2FOIM/8zgmlDNHCEg/MQH_2B5kPaL7jc/fyWcKgX2hWtfe66c_2BLA/pYfH_2BKPQZE6m8n/dgy8gM_2BVyJKF1/06D2L7PXyZQ5x_2F0m/7pDuXDGuxyU/cHq.jlk | |
| http://185.189.151.28/drew/yaLRzubGjQS/CFxKDeNAAfhLlC/CaygnSUs24bnRCfVOMlKd/kOu58i9k96sMGpEh/2ImNOGSnuowiNkO/ip_2FJtr3_2FyC3y34/NWeB6KDbS/szu4WIEy31uBJrZBRkk7/BA3lZi_2FOvOpDSYS4s/rj2HYxhZ8zs8SSN1QxOHNt/a0noZ7RHbBD3e/0lyarAzU/kswi_2B_2Bji3xmfI9dMO1H/eF7wdYyOYS/J0KjUNI3Yrq9HIDIZ/2ePpl9Tr16LA/Mto8yX4U3i1XH7H/1gu.jlk | |
| http://185.189.151.28/ |  |
| Click to see the 8 hidden entries | |
| http://https://file://USER.ID%lu.exe/upd | |
| http://185.189.151.28/drew/yaLRzubGjQS/CFxKDeNAAfhLlC/CaygnSUs24bnRCfVOMlKd/kOu58i9k96sMGpEh/2ImNOGS | |
| http://crl.osofts/Microt0 | |
| http://185.189.151.28/drew/1WYEBXmiF_2FMnySkI/AGFp1zkHl/1n_2BEbfMMGs7_2FFktP/VnEJxGiu_2BRheq2fuh/m_2 | |
| http://constitution.org/usdeclar.txt | |
| http://crl.micro | |
| http://185.189.151.28/drew/DI9hOfnq4sis3AGOPt/_2FSN_2BC/vQMmpDQPqFMgJd7cY2BM/bpPiaoMoE2NRqo_2F46/T_2 | |
| http://constitution.org/usdeclar.txtC: | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Temp\a1gxko15\a1gxko15.cmdline |
UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators | # | |
C:\Users\user\Documents\20220504\PowerShell_transcript.506013.O71O_fmz.20220504162805.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\m5pod5s5\m5pod5s5.out |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, CR line terminators | # | |
| Click to see the 14 hidden entries | |||
C:\Users\user\AppData\Local\Temp\m5pod5s5\m5pod5s5.dll |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\m5pod5s5\m5pod5s5.cmdline |
UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\m5pod5s5\m5pod5s5.0.cs |
UTF-8 Unicode (with BOM) text | # | |
C:\Users\user\AppData\Local\Temp\m5pod5s5\CSCDE04DA8616441A6AC3074D39CFFC1D3.TMP |
MSVC .res | # | |
C:\Users\user\AppData\Local\Temp\a1gxko15\a1gxko15.out |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, CR line terminators | # | |
C:\Users\user\AppData\Local\Temp\a1gxko15\a1gxko15.dll |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Temp\a1gxko15\a1gxko15.0.cs |
UTF-8 Unicode (with BOM) text | # | |
C:\Users\user\AppData\Local\Temp\a1gxko15\CSCE08F5B5052974B07835021DDCFF1297.TMP |
MSVC .res | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jkorezbb.opv.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dgqpx5l1.q4z.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\RES73F5.tmp |
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols | # | |
C:\Users\user\AppData\Local\Temp\RES5F15.tmp |
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48a, 9 symbols | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
