| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 173.82.82.196 | United States |  |
| 98.142.105.106 | United States | |
| Name | IP | Detection |
|---|---|---|
| jsonsintl.com | 98.142.105.106 | |
| www.jsonsintl.com | 0.0.0.0 | |
| Name | Detection |
|---|---|
| http://ncia.dothome.co.kr/wp-includes/lu7JbjX8XL1KaD/ | |
| http://www.jsonsintl.com | |
| http://digitalkitchen.jp/images/PVn/ | |
| Click to see the 66 hidden entries | |
| https://nakharinitwebhosting.com/HSDYKN1X5GLF/ | |
| http://www.jsonsintl.com/ | |
| https://173.82.82.196:8080/l | |
| http://jsonsintl.com | |
| http://piffl.com/piffl.com/a/ | |
| https://173.82.82.196:8080/temV | |
| http://www.jsonsintl.com4 | |
| http://www.jsonsintl.com/RxsGgoVWz9/4HFi3ZZYtnYgtELgCHnZ/ | |
| https://173.82.82.196/ | |
| https://173.82.82.196:8080/P | |
| https://173.82.82.196:8080/ | |
| https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v= |  |
| https://support.hotspotshield.com/ | |
| https://github.com/Pester/Pester | |
| https://dev.virtualearth.net/mapcontrol/logging.ashx | |
| https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v= | |
| https://dev.virtualearth.net/REST/v1/Locations | |
| https://www.tiktok.com/legal/report/feedback | |
| https://%s.xboxlive.com | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r= | |
| https://contoso.com/Icon | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r= | |
| https://www.disneyplus.com/legal/privacy-policy | |
| https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/ | |
| https://dynamic.t | |
| https://dev.virtualearth.net/REST/v1/Routes/Transit | |
| https://disneyplus.com/legal. | |
| https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r= | |
| https://activity.windows.com | |
| http://cmentarz.5v.pl/themes/zalMkTb/ | |
| https://dev.ditu.live.com/REST/v1/Locations | |
| http://help.disneyplus.com. | |
| https://%s.dnet.xboxlive.com | |
| https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/ | |
| https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r= | |
| https://www.hotspotshield.com/terms/ | |
| https://dev.ditu.live.com/REST/v1/Routes/ | |
| https://dev.virtualearth.net/REST/v1/Routes/Driving | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx | |
| https://dev.ditu.live.com/REST/v1/Traffic/Incidents/ | |
| https://t0.tiles.ditu.live.com/tiles/gen | |
| https://contoso.com/License | |
| https://dev.virtualearth.net/REST/v1/Routes/Walking | |
| https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n= | |
| https://dev.ditu.live.com/mapcontrol/logging.ashx | |
| https://dev.ditu.live.com/REST/v1/Imagery/Copyright/ | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r= | |
| https://dev.virtualearth.net/REST/v1/Transit/Schedules/ | |
| https://contoso.com/ | |
| https://nuget.org/nuget.exe | |
| https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log? | |
| https://www.pango.co/privacy | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
| http://www.bingmapsportal.com | |
| https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/ | |
| https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx | |
| https://www.disneyplus.com/legal/your-california-privacy-rights | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r= | |
| http://pesterbdd.com/images/Pester.png | |
| http://www.apache.org/licenses/LICENSE-2.0.html | |
| https://go.micro | |
| https://dev.ditu.live.com/REST/v1/Transit/Stops/ | |
| https://dev.virtualearth.net/REST/v1/Routes/ | |
| https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r= | |
| http://crl.ver) | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\ZtMIjYx\IKdzfJtQpj.BCP |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\System32\AHWppkeB\tZBUnLQvw.dll (copy) |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db |
Extensible storage engine DataBase, version 0x620, checksum 0x94425ecd, page size 16384, DirtyShutdown, Windows version 10.0 | # | |
| Click to see the 8 hidden entries | |||
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 |
Microsoft Cabinet archive data, 61480 bytes, 1 file | # | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_skdzzo1y.zp2.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xsngl2rj.jzl.psm1 |
very short file (no magic) | # | |
C:\Users\user\Documents\20220523\PowerShell_transcript.783875.AWzQimiM.20220523041148.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp |
ASCII text, with no line terminators | # | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log |
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators | # | |
