Files
File Path | Type | Category | Malicious |
---|---|---|---|
MDE_File_Sample_d40d71effb912ebf90e190f862d1d86f16e1e4c6.zip | Zip archive data, at least v2.0 to extract, compression method=deflate | initial sample | |
C:\Users\user\AppData\Local\Temp\is-I76QC.tmp\$R11M6SU.tmp | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | |
C:\Users\user\AppData\Local\Temp\is-MKE94.tmp\_isetup\_setup64.tmp | PE32+ executable (console) x86-64, for MS Windows | dropped | |
C:\Users\user\AppData\Local\Temp\is-MKE94.tmp\botva2.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped | |
Domains
Name | IP | Malicious |
---|---|---|
d3vnxrgxbv8od6.cloudfront.net | 18.66.121.171 | |
IPs
IP | Domain | Country | Malicious |
---|---|---|---|
18.66.121.171 | d3vnxrgxbv8od6.cloudfront.net | United States | |