Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious (Score: 100) | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |

IP | Country | Detection |
---|---|---|
91.215.85.142 | Russian Federation | |
173.231.16.77 | United States | |

Name | IP | Detection |
---|---|---|
api4.ipify.org | 173.231.16.77 | |
api.ipify.org | 0.0.0.0 | |

Name | Detection |
---|---|
Name | File Type | Hashes | Detection |
---|---|---|---|