Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\Downloads\new.bat
|
Unicode text, UTF-16, little-endian text, with very long lines (17700), with no line terminators
|
dropped
|
||
C:\Users\user\Downloads\plat.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
modified
|
||
C:\Users\user\Downloads\update.bat
|
Unicode text, UTF-16, little-endian text, with very long lines (1561), with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jnbes5tt.3tc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\2XW6ZO587UXR1TB4AYIP.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RF3c76e1.TMP
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RF3d35dc.TMP
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ICMWWOFP70X90AHDGL5O.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:19:06 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:19:06 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:19:06 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:19:06 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:19:06 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.bat (copy)
|
Unicode text, UTF-16, little-endian text, with very long lines (1561), with no line terminators
|
dropped
|
||
C:\Users\user\Downloads\5ddcfc79-4ea6-4e61-84f8-43bbbcd0dab7.tmp
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
C:\Users\user\Downloads\doc0992002349204234.zip (copy)
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
C:\Users\user\Downloads\doc0992002349204234.zip.crdownload (copy)
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
There are 12 hidden files, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
dl.dropboxusercontent.com
|
unknown
|
||
edge-block-www-env.dropbox-dns.com
|
162.125.66.15
|
||
www.google.com
|
142.250.185.132
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
1.1.1.1
|
unknown
|
Australia
|
||
142.250.186.174
|
unknown
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
142.250.185.132
|
www.google.com
|
United States
|
||
192.168.2.4
|
unknown
|
unknown
|
||
162.125.66.15
|
edge-block-www-env.dropbox-dns.com
|
United States
|
||
216.58.206.35
|
unknown
|
United States
|
||
192.168.2.5
|
unknown
|
unknown
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
142.250.185.131
|
unknown
|
United States
|
||
64.233.184.84
|
unknown
|
United States
|
||
23.43.61.160
|
unknown
|
United States
|
||
216.58.212.174
|
unknown
|
United States
|
||
127.0.0.1
|
unknown
|
unknown
|
||
104.16.230.132
|
unknown
|
United States
|
There are 5 hidden IPs, click here to show them.