Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious, Score: 72 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
IP | Country | Detection |
---|---|---|
110.92.66.246 | Hong Kong | |
40.126.31.135 | United States | |
204.79.197.200 | United States |
Name | Detection |
---|---|
http://110.92.66.246:13527/\ | |
http://crl.thawte.com/ThawtePremiumServerCA.crl0 | |
http://crl.thawte.com/ThawteTimestampingCA.crl0 | |
https://www.thawte.com/cps0/ | |
http://crl.thawte.com/ThawtePCA.crl0 | |
http://www.symauth.com/cps0( | |
http://www.symauth.com/rpa00 | |
https://www.thawte.com/cps0 | |
http://www.nsecsoft.com | |
https://www.thawte.com/repository0W | |
http://ocsp.thawte.com0 |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\zT6Nm@i4\K_FPS64.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\zT6Nm@i4\PMRunner64.exe | PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\ProgramData\Microsoft\111.7z | 7-zip archive data, version 0.4 | # | |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Realtek???????? .lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Thu Jan 14 15:39:10 2021, mtime=Thu Jan 14 15:39:10 2021, atime=Thu Jan 14 15:39:10 2021, length=271704, (…) | # | |
C:\ProgramData\Microsoft\zr.exe | PE32 executable (console) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\Plugin32.dll | data | # | |
C:\Users\user\zT6Nm@i4\111.7z | 7-zip archive data, version 0.4 | # | |
C:\Users\user\zT6Nm@i4\KK.txt | data | # | |
C:\Users\user\zT6Nm@i4\TXP\Windows\Start Menu\Programs\Startup\Realtek???????? .lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Thu Jan 14 15:39:10 2021, mtime=Thu Jan 14 15:39:10 2021, atime=Thu Jan 14 15:39:10 2021, length=271704, (…) | # | |
C:\Users\user\zT6Nm@i4\copy.bat | ASCII text, with CR, LF line terminators | # | |
C:\Users\user\zT6Nm@i4\ru2.url | MS Windows 95 Internet shortcut text (URL=<file:///C:\Users\user\zT6Nm@i4\run001.lnk>), ASCII text, with CR line terminators | # | |
C:\Users\user\zT6Nm@i4\run.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Wed Apr 11 22:34:14 2018, mtime=Wed Sep 30 06:35:53 2020, atime=Wed Apr 11 22 (…) | # | |
C:\Users\user\zT6Nm@i4\run001.lnk | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide | # | |
C:\Users\user\zT6Nm@i4\run003.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Sun Apr 30 07:53:46 2017, mtime=Sun Apr 30 07:53:46 2017, atime=Sun Apr 30 07 (…) | # | |
C:\Users\user\zT6Nm@i4\zr.exe | PE32 executable (console) Intel 80386, for MS Windows | # | |
\Device\ConDrv | ASCII text, with CRLF, CR line terminators | # |