SjBVWCSxWi.exe

Status: finished

Submission Time: 2023-07-14 08:33:12 +02:00

Malicious

Ransomware

Trojan

Adware

Spyware

Evader

Phobos, RHADAMANTHYS

Comments

Details

Analysis ID:
1272930
API (Web) ID:
1272930
Original Filename:
7041b5e6716fbc3d51516bfc782b1adf.exe
Analysis Started:

2023-07-14 08:33:16 +02:00
Analysis Finished:

2023-07-14 08:46:25 +02:00
MD5:
7041b5e6716fbc3d51516bfc782b1adf
SHA1:
8a7188931e6d548c1c717be4386df5a19e04b51f
SHA256:
caf660d5a464070e4a488bb3d2153c90204f739e75684f4d8ed56de1062b2f87
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 30/70

malicious

Score: 25/38

IPs

IP	Country	Detection
45.131.66.61	Germany

Domains

Name	IP	Detection
servblog25.xyz	45.131.66.61

URLs

Name	Detection
http://servblog25.xyz/fe759c9a33a004baa54/gs6k90do.an5m9
http://www.autoitscript.com/autoit3/J
https://discord.com
Click to see the 4 hidden entries
https://http:///etc/puk.keyMachineGuid
https://http:///etc/puk.keyGET13ConnectionupgradeUpgradewebsocketUser-AgentAccept-Encodinggzip
https://discordapp.com
http://servblog25.xyz/fe759c9a33a004baa54/gs6k90do.an5m9kernelbasentdllkernel32GetProcessMitigationP

Dropped files

Name	File Type	Hashes
C:\$Recycle.Bin\S-1-5-21-3853321935-2125563209-4053062332-1002\desktop.ini.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\IconCache.db.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
Click to see the 146 hidden entries
C:\Users\user\AppData\Local\Microsoft\775{341{`.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{0A0496DA-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000013.db.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000016.db.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000a.db.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000b.db.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\Microsoft\l]n.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Microsoft\ljT.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-cef.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-high-contrast.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\S_IlluEmptyStateCCFiles_280x192.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\S_IlluEmptyStateDCFiles_280x192.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\themes\dark\s_signed_out.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM, 0x8C-variant)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\main.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\new_icons_retina.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\illustrations_retina.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\images\themes\dark\new_icons_retina.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\css\main.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\images\themeless\desktop_acrobat_logo.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\images\themeless\web_documentcloud_logo.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM, 0x8C-variant)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\css\main.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\images\digsig_icons_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\digsig\images\themes\dark\digsig_icons_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_cs_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_en_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_es_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_fr_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	MPEG-4 LOAS, 4 or more streams	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_it_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_ja_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_nb_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_nl_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_pl_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_ru_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_sv_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Download_on_the_App_Store_Badge_tr_135x40.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\FillnSign_visual.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\HomeBanner-3x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\HomeBanner-4x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\cs-cz\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\es-es\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\fr-fr\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	OpenPGP Public Key	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\ja-jp\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\ko-kr\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\nb-no\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\pl-pl\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\pt-br\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\ru-ru\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	PGP Secret Sub-key -	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Localized_images\tr-tr\AppStore_icon.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\MobileAcrobatCard_Dark.pdf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\MobileAcrobatCard_Light.pdf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\MobileScanCard_Dark.pdf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\MobileScanCard_Light.pdf.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\Scan_visual.svg.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\WelcomeCardRdr-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\WelcomeCardRdr.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\compare-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\edit-pdf-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\fill-sign-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\find-text-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\flags.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\flags@2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\go-mobile-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\go-mobile.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\lets-get-started-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\multi-tab-file-view-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-no-text.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-no-text_2x.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-de_de.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-de_de_2x.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-en_us.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-en_us_2x.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-es_es.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-es_es_2x.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-fr_fr.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-fr_fr_2x.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-ja_jp.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	OpenPGP Public Key	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-ja_jp_2x.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-variant2-2x.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-variant2.gif.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\read_EX_Challenger_1-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\read_EX_Challenger_1.png.id[C52F1068-3483].[support@rexsdata.pro].8base	COM executable for DOS	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\read_EX_Challenger_1_DT-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\read_EX_Challenger_1_DT.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\read_EX_Challenger_1_non_EN-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\read_EX_Challenger_1_non_EN.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\read_EX_Challenger_1_non_EN_DT-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	OpenPGP Public Key	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\reduced_mode-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\scan-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\scan.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\sign-in-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\sign-in.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\theme-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\tool-search-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\tool-search.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\upsell-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\upsell.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\welcome-2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\welcome.png.id[C52F1068-3483].[support@rexsdata.pro].8base	OpenPGP Secret Key	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\images\rhp_world_icon_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\images\themes\dark\rhp_world_icon_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM, 0x8C-variant)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\pages-app\images\themes\dark\rhp_world_icon_hover_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM, 0x8C-variant)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\css\main.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\css\main.css.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\images\dc_review_upsell_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\images\dc_share_upsell_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\walk-through\images\themes\dark\dc_share_upsell_2x.png.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Welcome.pdf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\2d.x3d.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\3difr.x3d.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\drvDX9.x3d.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\drvSOFT.x3d.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\MyriadCAD.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\tesselate.x3d.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\StorageConnectors.api.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Updater.api.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\weblink.api.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\AdobePiStd.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\CourierStd-Bold.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\CourierStd-BoldOblique.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\CourierStd-Oblique.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\CourierStd.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MinionPro-Bold.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MinionPro-BoldIt.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MinionPro-It.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MinionPro-Regular.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MyriadPro-Bold.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MyriadPro-BoldIt.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MyriadPro-It.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\MyriadPro-Regular.otf.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\SY______.PFB.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\ZX______.PFB.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\ZY______.PFB.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\ICU\icudt26l.dat.id[C52F1068-3483].[support@rexsdata.pro].8base	OpenPGP Secret Key	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Aut2Exe\Icons\AutoIt_Main_v10_256x256_RGB-A.ico.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Aut2Exe\Icons\AutoIt_Main_v10_48x48_RGB-A.ico.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Aut2Exe\Icons\AutoIt_Main_v11_256x256_RGB-A.ico.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Aut2Exe\Icons\AutoIt_Main_v9_48x48_RGB-A.ico.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Examples\Helpfile\_Excel_ColumnToNumber.au3.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Examples\Helpfile\_GDIPlus_ArrowCapGetHeight.au3.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Examples\Helpfile\_GDIPlus_BitmapCreateApplyEffectEx.au3.id[C52F1068-3483].[support@rexsdata.pro].8base	DOS executable (COM, 0x8C-variant)	#
C:\Users\user\AppData\Local\VirtualStore\Program Files (x86)\AutoIt3\Examples\Helpfile\_GDIPlus_FontPrivateAddMemoryFont.au3.id[C52F1068-3483].[support@rexsdata.pro].8base	data	#
C:\Users\user\AppData\Local\l]n.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\l]n.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#

Deep Malware Analysis

SjBVWCSxWi.exe

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Deep Malware Analysis

SjBVWCSxWi.exe Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

SjBVWCSxWi.exe