ZwmyzMxFKL.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
|
malicious
Score: 84
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
|
|
|
malicious
Score: 84
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Run with higher sleep bypass
|
| IP | Country | Detection |
|---|---|---|
| 206.238.43.118 | United States |  |
| Name | Detection |
|---|---|
| https://www.advancedinstaller.com |  |
| http://www.iobit.com/appgoto.php?to=feedback | |
| http://www.iobit.com/appgoto.php?to=othupdate | |
| Click to see the 97 hidden entries | |
| http://ocsp.sectigo.com0 | |
| http://www.cd4o.com/drivers/ | |
| https://idea.hfnuola.com20012rgbautoStartauto_start_slienthideDesktopIconpauseVidoset_mute_on_fullsc | |
| https://logs.hfnuola.com | |
| http://www.bsplayer.com | |
| http://www.360.cn | |
| https://www.itrus.com.cn0 | |
| http://klog.kuwo.cn/music.yl | |
| https://bizhi.hfnuola.com/pc/LockWallpaper/Wallpaper | |
| http://www.iobit.com/goto.php?id=dbsurvey | |
| https://bizhiweb.hfnuola.com/web/vip.htmlhttps://bizhiweb.hfnuola.com/web/payNew.html%s?channel=%s&p | |
| https://bizhiweb.hfnuola.com/web/advertising.html?type= | |
| https://bizhi.hfnuola.com/pc/fhbzApi/checkFile | |
| https://twitter.com/iobitsoft | |
| https://bizhi.hfnuola.com/pc/agg/StartUp | |
| http://www.info-zip.org/ | |
| https://bizhi.hfnuola.com/pc/desktopSubject | |
| http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z | |
| http://www.zlib.net/D | |
| http://www.iobit.com/appgoto.php?to=install | |
| http://forums.iobit.com/showthread.php?t=16792 | |
| http://www.symauth.com/rpa00 | |
| http://www.iobit.com/productfeedback.php?product=driver-booster | |
| http://curl.haxx.se/docs/copyright.htmlDVarFileInfo$ | |
| http://www.iobit.com/appgoto.php?to=revokedkey | |
| http://www.google.com | |
| https://bizhi.hfnuola.com/pc/v/wallpaperInfoMulti | |
| http://www.iobit.com/ | |
| http://update.iobit.com/infofiles/db2/db2_pro.upt | |
| https://installeranalytics.com | |
| https://sectigo.com/CPS0B | |
| http://update.iobit.com/infofiles/db2/db2_free.upt | |
| http://crl.thawte.com/ThawteTimestampingCA.crl0 | |
| http://www.iobit.com/appgoto.php?to=filerupt | |
| https://idea.hfnuola.com | |
| http://update.iobit.com/infofiles/db2/Freeware-db.upt | |
| http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0 | |
| http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0# | |
| http://ascstats.iobit.com/usage.php | |
| https://bizhi.hfnuola.com/pc/LockWallpaper/Gethttps://bizhi.hfnuola.com/pc/LockWallpaper/Wallpaperht | |
| http://www.iobit.com/appgoto.php?to=forum | |
| https://bizhi.hfnuola.com/pc/agg/hour | |
| http://www.sysinternals.com | |
| http://schemas.xmlsoap.org/soap/envelope/ | |
| https://www.hfnuola.com/select | |
| http://www.iobit.com/appgoto.php?to=helptranslate | |
| http://stats.iotransfer.net/active.php | |
| http://www.indyproject.org/ | |
| http://www.iobit.com/appgoto.php?to=index | |
| http://www.iobit.com/appgoto.php?to=bannerbuy | |
| http://collect.installeranalytics.com | |
| http://www.iobit.com/cloud/db/index.php | |
| http://curl.haxx.se/V | |
| http://www.iobit.com/appgoto.php?to=feature | |
| http://klog.kuwo.cn/music.ylhttp://install-log.kuwo.cn/music.ylhttp://log.kuwo.cn/music.ylrwSend | |
| http://update.iobit.com/infofiles/db2/db2_oth.upt | |
| http://ascstats.iobit.com/active.php | |
| http://www.iobit.com/appgoto.php?to=vertoold | |
| http://www.ludashi.com0 | |
| http://www.iobit.com/faq.php?product=db | |
| https://bizhi.hfnuola.com/pc/v/AfterLocalSethttps://bizhi.hfnuola.com/pc/DesktopComponent/GetPopupLi | |
| http://stats.iobit.com/register.php | |
| http://crl.sectigo.com/COMODOTimeStampingCA_2.crl0r | |
| https://www.hfnuola.com | |
| http://www.iobit.com/appgoto.php?to=activateweb-%d | |
| http://updatestats.cd4o.com/api.php?act=update | |
| https://bizhi.hfnuola.com/pc/v/FilterPayWallpaper | |
| http://www.iobit.com/goto.php?id=plusgp01_DB | |
| http://www.kuwo.cn0 | |
| https://bizhi.hfnuola.com/pc/v/AfterLocalSet | |
| http://www.vmware.com/0 | |
| http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0# | |
| http://www.iobit.com/driver-booster-pro.php | |
| http://www.rfc-editor.org/rfc/bcp/bcp47.txt | |
| http://ascstats.iobit.com/other/db_temp_download.php | |
| http://www.iobit.com/lostcode.php | |
| https://collect.installeranalytics.comhttp://collect.installeranalytics.comhttps://installeranalytic | |
| http://www.symauth.com/cps0( | |
| http://stats.iobit.com/active_month.php | |
| http://www.super-ec.cn | |
| http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s | |
| http://www.yahoo.com | |
| http://www.iobit.com/appgoto.php?to=usermanual | |
| http://www.iobit.com/appgoto.php?to=regovermax | |
| http://cacerts.digicerU | |
| http://www.iobit.com/appgoto.php?to=download | |
| http://www.iobit.com/hotquestions-db.php | |
| http://www.iobit.com/appgoto.php?to=compare | |
| http://www.iobit.com/goto.php?id=plusgp01_DBU | |
| https://s1.driverboosterscan.com/worker.php | |
| http://www.winimage.com/zLibDll1.2.3 | |
| http://install-log.kuwo.cn/music.yl | |
| http://idb.iobit.com/check.php | |
| http://ascstats.iobit.com/moreuse.php | |
| http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0# | |
| http://www.iobit.com/appgoto.php?to=proupdate | |
| http://www.iobit.com/appgoto.php?to=lostcode | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGXlong.sys |
data | # | |
C:\Program Files (x86)\DnLIMGKCARTO\qex.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\BD8094EB83814BB7B1A4099568EFED73\VGX\Haloonoroff.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
| Click to see the 1 hidden entries | |||
C:\Windows\Installer\MSIF1CE.tmp |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
