Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 45
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
Name | Detection |
---|---|
http://schemas.xmlsoap.org/wsdl/ | |
https://github.com/Pester/Pester | |
http://www.winimage.com/zLibDll1.2.7rbr | |
Click to see the 20 hidden entries | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://www.apache.org/licenses/LICENSE-2.0.html0 | |
http://www.winimage.com/zLibDll | |
https://www.advancedinstaller.com | |
https://contoso.com/Icon | |
https://contoso.com/License | |
https://t.me/LHRUnlockerChannelButtonText_Finish&FinishManufacturerSergeyProductCode | |
https://nuget.org/nuget.exe | |
https://contoso.com/ | |
https://t.me/LHRUnlockerMSIFASTINSTALLAI_CURRENT_YEAR2022ButtonText_Decline&DeclineAI_PREDEF_LCONDS_ | |
https://www.thawte.com/repository0W | |
https://go.micro | |
https://drivers.sergeydev.com/windows/511.65-desktop-win64bit-interr | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
http://schemas.xmlsoap.org/soap/encoding/ | |
https://www.thawte.com/cps0/ | |
http://pesterbdd.com/images/Pester.png | |
https://github.com/Pester/Pester0 | |
http://pesterbdd.com/images/Pester.png0 | |
http://nuget.org/NuGet.exe |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Local\Temp\scr3351.ps1 |
Little-endian UTF-16 Unicode text, with CR line terminators | # | |
C:\Users\user\AppData\Local\Temp\pss341F.ps1 |
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lf5no10l.5dz.ps1 |
very short file (no magic) | # | |
Click to see the 17 hidden entries | |||
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Windows\Installer\MSI3268.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\Installer\MSI2874.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\Installer\MSI1FD8.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\Installer\3c1a5a.msi |
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page: 1 (…) | # | |
C:\Users\user\Documents\20220223\PowerShell_transcript.878411.jRMym6xB.20220223184945.txt |
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xhr5i13g.js1.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i2ddoyuu.1tk.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5xdfaoyo.lnf.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\MSIF832.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\MSIF69B.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\MSIF513.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\MSIF447.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\MSIF34C.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\MSIF280.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\MSIEF62.tmp |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # |