yZcecBUXN7.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 203.161.50.127 | Malaysia |  |
| 195.24.68.5 | Russian Federation | |
| 153.92.8.41 | Germany | |
| Click to see the 9 hidden entries | ||
| 101.99.93.157 | Malaysia | |
| 188.116.38.155 | Poland | |
| 148.251.36.121 | Germany | |
| 119.18.54.116 | India | |
| 108.186.8.158 | United States | |
| 192.250.235.36 | United States | |
| 91.195.240.19 | Germany | |
| 194.58.112.173 | Russian Federation | |
| 216.40.34.41 | Canada | |
| Name | IP | Detection |
|---|---|---|
| www.vaesen.net | 0.0.0.0 |  |
| www.vavada-band.ru | 0.0.0.0 | |
| www.yamiyasheec.online | 0.0.0.0 | |
| Click to see the 18 hidden entries | ||
| www.cluird.cloud | 0.0.0.0 | |
| www.dk48.lol | 0.0.0.0 | |
| www.dainikmirpur.com | 0.0.0.0 | |
| www.bnbuotqakx.shop | 0.0.0.0 | |
| www.cucuzeus88.store | 0.0.0.0 | |
| www.applesolve.com | 0.0.0.0 | |
| www.whirledairlines.com | 216.40.34.41 | |
| yamiyasheec.online | 119.18.54.116 | |
| vavada-band.ru | 148.251.36.121 | |
| dainikmirpur.com | 192.250.235.36 | |
| www.xxaiai.top | 108.186.8.158 | |
| bnbuotqakx.shop | 101.99.93.157 | |
| www.bettaroom.ru | 194.58.112.173 | |
| parkingpage.namecheap.com | 91.195.240.19 | |
| applesolve.com | 188.116.38.155 | |
| www.dhleba51.ru | 195.24.68.5 | |
| www.quantummquest.top | 203.161.50.127 | |
| cucuzeus88.store | 153.92.8.41 | |
| Name | Detection |
|---|---|
| http://www.yamiyasheec.online/0hhg/ | |
| http://www.bnbuotqakx.shop/0hhg/ | |
| http://www.whirledairlines.com/0hhg/?nNWXI=ybhXiHipjHJ&ABqDW6A8=OATZzJPiUUGU3mpjZciWUPZeXbT2MJCMteYhXkaeth47OgAuOtH7Ax1R5cSUzc8K7tJsdCLV7T20xyzul8wSbYrVofQNfqyssPuErqT1NUPeqaem3KrcSI4= | |
| Click to see the 53 hidden entries | |
| http://applesolve.com/0hhg/?ABqDW6A8=vkFwZ006WdHbpHCmjjBOYDeoX | |
| https://www.hover.com/transfer_in?source=parked | |
| https://www.hover.com/renew?source=parked | |
| https://www.cucuzeus88.store/0hhg/?nNWXI=ybhXiHipjHJ&ABqDW6A8=nRUqMZh05AeT5XBXy6tvbUigcs6hc4rC | |
| http://www.quantummquest.top/0hhg/ | |
| http://www.quantummquest.top/0hhg/?ABqDW6A8=nDs+4sFgmC14rZAzdMtU+fOluyCTVoLAn9AW6ezlSd5l//pRDkDNUYKtMPmQp3hOJuHIoac+nQZfVGszaQStOPCeLqTfiXL51+ke6KS/qQDP30/ytVZd2Oc=&nNWXI=ybhXiHipjHJ | |
| https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= | |
| https://zz.bdstatic.com/linksubmit/push.js | |
| http://www.dainikmirpur.com/0hhg/ | |
| https://www.nic.ru/catalog/hosting/dedicated/ | |
| https://www.ecosia.org/newtab/ | |
| https://twitter.com/hover | |
| http://www.dhleba51.ru/0hhg/ | |
| http://www.xxaiai.top/0hhg/ | |
| http://www.dainikmirpur.com/0hhg/?ABqDW6A8=3wBFJopWm5CMrZiTyKtS+1p+7hjS88lkxUD6z9EbhjEDI4ONso69BWfj9WDOW8yAnPP5dxxY4Y59DXJqqTyKGc0G8sgHpv85TbqwFJKqhW0zFRgOzIl1BwU=&nNWXI=ybhXiHipjHJ | |
| https://ac.ecosia.org/autocomplete?q= | |
| https://www.nic.ru/catalog/hosting/vds-vps/ | |
| https://www.hover.com/tos?source=parked | |
| http://www.vavada-band.ru/0hhg/?nNWXI=ybhXiHipjHJ&ABqDW6A8=ZgUGIv2SFtjYSXZ+sPWjrnmi9x4JTSAxK/4wkC6FqAYJ2g+qpBbYR3pK2HW+0dFnzG0fITqUvE2Gc/Yp1eE4tJw0C8fQ5yYHj2xbYtSMWmtqetVE9PQCI40= | |
| http://www.bnbuotqakx.shop | |
| https://www.nic.ru/catalog/hosting/ | |
| http://www.bettaroom.ru/0hhg/ | |
| http://www.cucuzeus88.store/0hhg/ | |
| https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= | |
| https://www.hover.com/?source=parked | |
| http://www.applesolve.com/0hhg/?ABqDW6A8=vkFwZ006WdHbpHCmjjBOYDeoX+Rn6aHsZLnu3NGBe2VBUm0fUZsnu3sABaHfjqCa4r+GKRPsyPs5e5gNT6h7MvS/nYKUeSlb7fRS9PCej43uXu++wSLzang=&nNWXI=ybhXiHipjHJ | |
| https://duckduckgo.com/ac/?q= | |
| https://www.instagram.com/hover_domains | |
| https://www.nic.ru/catalog/ssl/ | |
| http://www.whirledairlines.com/0hhg/ | |
| http://www.yamiyasheec.online/0hhg/?nNWXI=ybhXiHipjHJ&ABqDW6A8=XN/uN6nMvrGkpcBz+Thv1jYaxJtcZ3guzCEwk+wO1IePrLEfQ2dONhxJJ5MfI8SrhyY28ykjUI4nvFFhDsPQuo7fansGo7O9hSpOWy12njMGsYSDFVmwrLg= | |
| https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= | |
| https://www.nic.ru/ | |
| http://push.zhanzhang.baidu.com/push.js | |
| https://www.hover.com/email?source=parked | |
| https://www.hover.com/about?source=parked | |
| http://www.dhleba51.ru/0hhg/?nNWXI=ybhXiHipjHJ&ABqDW6A8=bCD+TBjy8MosL0R8cjbFvxriDyPYhKFZsDVB2lzqkrb80jeseZ1xwY0K4Gv6crRSCTRNIEUsU3Jqelj2oHAe6QPTv8GQpjovQK3uiYXh6MxwvjeFy3ewRNM= | |
| https://www.nic.ru/catalog/domains/ | |
| https://www.nic.ru/help/oshibka-404_8500.html | |
| https://duckduckgo.com/chrome_newtab | |
| https://www.hover.com/domains/results | |
| https://www.nic.ru/catalog/hosting/shared/ | |
| http://www.applesolve.com/0hhg/ | |
| https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search | |
| http://www.dk48.lol/0hhg/ | |
| https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css | |
| http://www.dk48.lol/0hhg/?nNWXI=ybhXiHipjHJ&ABqDW6A8=Np3vqe/1Cu/OQ51upJR8Qsht1t6ybRV+pU7NEwPzo+CdnJXCrwJJ0q4TeA3yrjOGKQp+qts/DZNdYR5Nz+PtVR15bhmDHV5jmEZsuo4OBXvm+mP+YyhGbOc= | |
| https://www.hover.com/tools?source=parked | |
| https://help.hover.com/home?source=parked | |
| http://www.xxaiai.top/0hhg/?nNWXI=ybhXiHipjHJ&ABqDW6A8=4PSEdCTPIXdKXl7uh+LsBTwAtAbEEDmKYAJsxyVVq9bdmcYGjB9JHSE/ykX4VkYbcxwnxSFcyayelsVtdhVYibhKvsL7bWoBJw77jiRnpeIfkNF5+PYwYCo= | |
| https://yastatic.net/pcode/adfox/loader.js | |
| https://www.hover.com/domain_pricing?source=parked | |
| https://www.hover.com/privacy?source=parked | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\yZcecBUXN7.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\1-00F23L |
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2 | # | |
