NArK6vBU1f.exe

Status: finished
Submission Time: 2022-07-17 05:38:39 +02:00
Malicious
Trojan

Tags

  • exe

Details

  • Analysis ID: 666825
  • API (Web) ID: 1034331
  • Analysis Started: 2022-07-17 05:47:28 +02:00
  • Analysis Finished: 2022-07-17 05:56:24 +02:00
  • MD5: 4d06c7813bddbe7207c3f40a668f94f0
  • SHA1: 7848d07116f947fa941c288c4b2c51f9c9812f4f
  • SHA256: 2f1efed2c123ae89315e081006bae687e0d497978c8e1fc1de0e06ee2abdc698
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 60
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 31/70
malicious
Score: 7/35
malicious
Score: 12/26
malicious

URLs


Dropped files

Name File Type Hashes Detection
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_NArK6vBU1f.exe_dd20456556ff57696eb2c5e5d51a8e2b96def1_abfa8857_1ab796d2\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators