Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
81.161.229.9 | Germany | |
193.42.32.61 | Germany |
Name | IP | Detection |
---|---|---|
orifak.ydns.eu | 193.42.32.61 | |
wsvdyhrgebwhevawe.ydns.eu | 81.161.229.9 | |
tornado.ydns.eu | 193.42.32.61 |
Name | Detection |
---|---|
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/FnvtdhenapsDLL | |
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/Fnvtdhenaps | |
http://wsvdyhrgebwhevawe.ydns.eu/ | |
Click to see the 9 hidden entries | |
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/Fnvtdhenapsll&= | |
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/Fnvtdhenapsf | |
http://wsvdyhrgebwhevawe.ydns.eu/goofeeewsvd/FnvtdhenapsDLLq/ | |
tornado.ydns.eu | |
http://geoplugin.net/json.gp | |
http://://t.exet.exen | |
http://://t.exet.exe | |
http://geoplugin.net/json.gp/C | |
http://www.pmail.com |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\remcos\logs.dat |
data | # | |
C:\Users\Public\Libraries\Fnvtdhen.PIF |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\Public\Fnvtdhen.url |
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Fnvtdhen.PIF">), ASCII text, with CRLF line terminators | # |