Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
76.8.53.133 | United States | |
51.210.156.152 | France |
Name | IP | Detection |
---|---|---|
exportersglobe.com | 51.210.156.152 | |
mail.exportersglobe.com | 0.0.0.0 | |
x1.i.lencr.org | 0.0.0.0 |
Name | Detection |
---|---|
76.8.53.133 | |
http://FuVaco.com | |
http://www.galapagosdesign.com/DPlease | |
Click to see the 52 hidden entries | |
http://www.fonts.com | |
http://www.sandoll.co.kr | |
http://www.sajatypeworks.coma | |
http://www.urwpp.deDPlease | |
http://www.zhongyicts.com.cn | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://www.sakkal.com | |
https://api.ipify.org% | |
http://www.carterandcone.comN%CL. | |
http://www.apache.org/licenses/LICENSE-2.0 | |
http://www.fontbureau.com | |
http://x1.i.lencr.org/ | |
http://cps.letsencrypt.org0 | |
http://www.tiro.comt | |
http://www.tiro.como | |
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.ziphttps://www | |
http://www.carterandcone.coml | |
http://www.fontbureau.com/designers/cabarga.htmlN | |
http://www.founder.com.cn/cn | |
http://www.fontbureau.com/designers/frere-jones.html | |
http://DynDns.comDynDNSnamejidPsi/Psi | |
http://www.jiyu-kobo.co.jp/ | |
http://www.fontbureau.com/designers8 | |
https://api.ipify.org%facebooktwittergmailinstagrammovieskypepornhackwhatsappdiscordemailpassword%st | |
https://github.com/syohex/java-simple-mine-sweeperC: | |
http://r3.i.lencr.org/0 | |
http://www.fontbureau.com/designersG | |
http://www.sajatypeworks.com0 | |
http://www.sajatypeworks.com2 | |
http://www.fontbureau.com/designers/? | |
http://www.founder.com.cn/cn/bThe | |
http://www.fontbureau.com/designers? | |
http://www.tiro.com | |
http://www.fontbureau.com/designers | |
http://www.founder.c | |
http://www.goodfont.co.kr | |
https://gdvnpTNIZqNaaR.net | |
http://www.carterandcone.com | |
https://github.com/syohex/java-simple-mine-sweeper | |
http://127.0.0.1:HTTP/1.1 | |
http://www.carterandcone.coml% | |
http://www.sajatypeworks.com | |
http://www.typography.netD | |
http://www.founder.com.cn/cn/cThe | |
http://www.carterandcone.comsmJ | |
http://www.galapagosdesign.com/staff/dennis.htm | |
http://fontfabrik.com | |
http://www.carterandcone.comr%wL0 | |
http://crl.veris | |
http://x1.c.lencr.org/0 | |
http://x1.i.lencr.org/0 | |
http://r3.o.lencr.org0 |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\INVESTORORIGIN.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Windows\System32\drivers\etc\hosts |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\ZWLqFmhrZsaGO.exe:Zone.Identifier |
ASCII text, with CRLF line terminators | # | |
Click to see the 14 hidden entries | |||
C:\Users\user\AppData\Roaming\ZWLqFmhrZsaGO.exe |
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\tmp8559.tmp |
XML 1.0 document, ASCII text | # | |
C:\Users\user\AppData\Local\Temp\INVESTORORIGN.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DHL SHIPMENT NOTIFICATION 1146789443.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_INVESTORORIGIN.e_77f278dc5a2c1c3935eb52616b8cb594c251e8e_0e345062_1a0b7f2e\Report.wer |
Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ald43iwi.q5u.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wqdexkj3.urd.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D |
data | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6957.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER65CB.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\Users\user\Documents\20220514\PowerShell_transcript.760639.TC5_eELU.20220514151113.txt |
UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5763.tmp.dmp |
Mini DuMP crash report, 15 streams, Sat May 14 22:11:57 2022, 0x1205a4 type | # |