file.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
|
malicious
Score: 92
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
|
|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Run with higher sleep bypass
|
| IP | Country | Detection |
|---|---|---|
| 193.233.132.57 | Russian Federation |  |
| 34.117.186.192 | United States |  |
| 172.67.75.166 | United States | |
| Name | IP | Detection |
|---|---|---|
| ipinfo.io | 34.117.186.192 | |
| db-ip.com | 172.67.75.166 | |
| fp2e7a.wpc.phicdn.net | 192.229.211.108 | |
| Click to see the 1 hidden entries | ||
| windowsupdatebg.s.llnwi.net | 69.164.46.0 | |
| Name | Detection |
|---|---|
| http://www.tallysolutions.com/0 | |
| https://db-ip.com/demo/home.php?s=191.96.227.194~J | |
| https://t.me/RiseProSUPPORT | |
| Click to see the 51 hidden entries | |
| https://www.tunnelbear.com/terms-of-serviceShttps://www.tunnelbear.com/privacy-policy | |
| https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016 | |
| http://crt.sca1b.amazontrust.com/sca1b.crt0 | |
| https://www.ecosia.org/newtab/ | |
| http://www.symauth.com/cps0( | |
| https://ipinfo.io/Mozilla/5.0 | |
| https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br | |
| https://ac.ecosia.org/autocomplete?q= | |
| https://t.me/risepro_bot | |
| https://github.com/WindowsNotifications/QueryString.NET | |
| https://ipinfo.io/ | |
| http://upx.sf.net | |
| http://www.symauth.com/rpa00 | |
| https://www.maxmind.com/en/locate-my-ip-address | |
| https://openvpn.net | |
| http://www.winimage.com/zLibDll | |
| https://support.mozilla.org | |
| https://www.tunnelbear.com/ | |
| https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples | |
| http://www.hardcodet.net/wpf-notifyicon | |
| https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= | |
| https://github.com/higankanshi/Meta.Vlc | |
| https://github.com/dahall/taskscheduler | |
| https://www.tunnelbear.com/support | |
| https://db-ip.com/demo/home.php?s=191.96.227.194 | |
| https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF | |
| https://duckduckgo.com/ac/?q= | |
| https://html-agility-pack.net | |
| https://db-ip.com/ | |
| https://www.newtonsoft.com/json | |
| https://api.polargrizzly.com/ | |
| https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= | |
| https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17 | |
| https://ipinfo.io/widget/demo/191.96.227.194 | |
| https://archive.codeplex.com/?p=dotras | |
| https://github.com/teichgraf/WriteableBitmapEx | |
| https://logging.apache.org/log4net/ | |
| https://ipinfo.io:443/widget/demo/191.96.227.194M | |
| https://duckduckgo.com/chrome_newtab | |
| https://github.com/TunnelBear/obfs4 | |
| https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install | |
| https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search | |
| https://github.com/App-vNext/Polly | |
| http://crl.sca1b.amazontrust.com/sca1b.crl0 | |
| https://dnsclient.michaco.net/ | |
| https://www.google.com/images/branding/product/ico/googleg_lodp.ico | |
| http://ocsp.sca1b.amazontrust.com06 | |
| https://github.com/Microsoft/appcenter | |
| https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll | |
| https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= | |
| https://db-ip.com:443/demo/home.php?s=191.96.227.194 | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Temp\6Tm7UzVAJXUK91shID4Gsmx.zip |
Zip archive data, at least v2.0 to extract, compression method=deflate | # | |
