Engine | Download Report | Detection | Info |
---|---|---|---|
 | | malicious | |
 | | malicious, Score: 100 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
IP | Country | Detection |
---|---|---|
208.95.112.1 | United States | ![]() |
3.165.135.3 | United States | ![]() |
18.66.161.123 | United States | ![]() |
65.9.108.148 | United States | ![]() |
104.21.85.189 | United States | ![]() |
65.9.108.93 | United States | ![]() |
172.67.160.84 | United States | ![]() |
13.226.4.166 | United States | ![]() |
Name | IP | Detection |
---|---|---|
shield.reasonsecurity.com | 0.0.0.0 | ![]() |
bg.microsoft.map.fastly.net | 199.232.214.172 | ![]() |
cheatengine.org | 104.20.94.94 | ![]() |
d31tu1fsc224h4.cloudfront.net | 13.226.4.166 | ![]() |
eu-api.openweathermap.org | 57.129.2.123 | ![]() |
ipbase.com | 104.21.85.189 | ![]() |
d34hwk9wxgk5fi.cloudfront.net | 65.9.108.148 | ![]() |
ip-api.com | 208.95.112.1 | ![]() |
freegeoip.app | 172.67.160.84 | ![]() |
d2axwe94icddzf.cloudfront.net | 18.66.161.99 | ![]() |
d14mh4uvqj4iiz.cloudfront.net | 18.66.161.123 | ![]() |
api.openweathermap.org | 0.0.0.0 | ![]() |
electron-shell.reasonsecurity.com | 0.0.0.0 | ![]() |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\System.Data.SQLite.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Windows\Temp\cfoutowi.tmp | PE32+ executable (GUI) x86-64, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\v2.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-O39K6.tmp\CheatEngine75.tmp | PE32 executable (GUI) Intel 80386, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-3E079.tmp\zbShieldUtils.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-3E079.tmp\prod2.exe (copy) | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-3E079.tmp\prod2 (copy) | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-3E079.tmp\prod1_extract\WZSetup.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-3E079.tmp\prod0_extract\saBSI.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-3E079.tmp\is-L3QGH.tmp | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\is-3E079.tmp\CheatEngine75.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\VegaStealer_v2.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | ![]() |
C:\Program Files\Google\Chrome\updater.exe | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\System.Data.SQLite.Linq.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\System.Data.SQLite.EF6.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\SQLite.Interop.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\Newtonsoft.Json.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\EntityFramework.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\EntityFramework.SqlServer.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\CheatEngine75.exe | PE32 executable (GUI) Intel 80386, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\BouncyCastle.Crypto.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | ![]() |
C:\Users\user\AppData\Local\Temp\3.exe | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows | # | ![]() |
C:\Program Files\Google\Libs\WR64.sys | PE32+ executable (native) x86-64, for MS Windows | # | ![]() |