Bank TT slip.xlsx
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
|
| IP | Country | Detection |
|---|---|---|
| 172.245.27.27 | United States |  |
| Name | IP | Detection |
|---|---|---|
| api.telegram.org | 149.154.167.220 |  |
| Name | Detection |
|---|---|
| http://172.245.27.27/SOA.exe | |
| Http://172.245.27.27/SOA.exeK | |
| http://172.245.27.27/SOA.exeX | |
| Click to see the 11 hidden entries | |
| http://172.245.27.27/SOA.exehhC: | |
| Http://172.245.27.27/SOA.exej | |
| http://172.245.27.27/SOA.exeB | |
| http://127.0.0.1:HTTP/1.1 | |
| http://DynDns.comDynDNS | |
| https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha | |
| https://api.telegram.org/bot2134979594:AAFk4QkrlHlt2a-q-EhIoHZBbzxSH0QxiBI/ | |
| https://api.ipify.org%GETMozilla/5.0 | |
| http://bLHfhV.com | |
| https://api.telegram.org/bot2134979594:AAFk4QkrlHlt2a-q-EhIoHZBbzxSH0QxiBI/sendDocumentdocument----- | |
| https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Windows\System32\drivers\etc\hosts |
ASCII text, with CRLF line terminators | # | |
C:\Users\Public\vbc.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\Desktop\~$Bank TT slip.xlsx |
data | # | |
| Click to see the 15 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\SOA[1].exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\DE3E0A16.png |
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Temp\~DFDAC05FDF80BA3ECF.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DFC691B0AA0E02487B.TMP |
data | # | |
C:\Users\user\AppData\Local\Temp\~DFBAFAEA404D417564.TMP |
CDFV2 Encrypted | # | |
C:\Users\user\AppData\Local\Temp\~DF7445FC000D331A6E.TMP |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\FD51471F.png |
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D45E828D.png |
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\C1A95BC.jpeg |
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames 3 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\A240C8.png |
PNG image data, 139 x 180, 8-bit colormap, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\63404123.png |
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\317DF694.png |
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\3095CF2A.png |
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\194FA29.jpeg |
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames 3 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\18D80E7.png |
PNG image data, 139 x 180, 8-bit colormap, non-interlaced | # | |
