home

admindesktop-635814802736122690.rdp

MD5:
fc2379f9dd5ae9b6de789b7b476b46e9

SHA-1:
3c39d79f61e271c17d28ef22c3d4ed53992909db

SHA-256:
c046cd6ebd7bc2ee58f4dea1e8ed17721f3ded5ea5fc0b435d6fdab2e6f3ba10

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/9/2025 11:24:29 PM UTC  (a few moments ago)

File size:
1.1 KB (1,094 bytes)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\admindesktop-635814802736122690.rdp

The file admindesktop-635814802736122690.rdp has been seen being distributed by the following URL.

https://passwordsafe.mountsinai.org/eEye.RetinaCS.Server/api/.../StartRemoteSessionAdmin?protocol=rdp&ipaddress=admindesktop&username=a89617930049e95422502cc2d2ab8d7c4e90d494a9fc4681ce82773318072d40f15856e0378d150c46bd12dc86888aedaef7ca6f4558a6c2d73bae8ab70db727b3693a701cba82af5339ec1e3491b1a4f8c77bce0a946128e45fa2e77be1da6134e9e173fc5e2bac983614538895ad23098608aad7502c8a3b9d677e72ebe665ddd7b62219262da2c1b2a2e6c2294e5bb350a75e75501f0a19a38ef9cd210d4d6581766aa74ecaa37ae4506d5c9c8cb384571c541031686296f89729550716e46502a118542cc069ab66afd33d4ca6613712b71629e858340af3afd5441bdbb424eca326ead1e987e1987fafab0870ec2237a516c6f742422a04968975b9964a&password=aaddae0eb37421d47dc153398c6ecd3af35cb26515f3318d6a917d81d7c588fde5ea00d1fd673c77500c8068fb0febac141343f2f117016bc4afe24872f72c58081b131089f276fd3bce0ba42ebba8ae873ae52191200e1c39d411cae17e2d1f32c2a68c7971c2d03ccc976320cba8a3eca8cc2ba903f895149aa852de08aa0affc58657980878560d5922b828052f362090b9b8a0f070446b2e940af39486c65e0b216d3e19bf67de0bdd9b

Scan admindesktop-635814802736122690.rdp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.