
OWd39WUX3D.exe

Status: finished
Submission Time: 2023-09-15 07:25:05 +02:00
Malicious
Spreader
Trojan
Evader
Pushdo

Comments

Tags

  • 32
  • Cutwail
  • exe
  • trojan

Details

  • Analysis ID:
    1308712
  • API (Web) ID:
    1308712
  • Original Filename:
    dc6330aff08812b5dbaf66cf0671cb20.exe
  • Analysis Started:
    2023-09-15 07:25:05 +02:00
  • Analysis Finished:
    2023-09-15 07:38:51 +02:00
  • MD5:
    dc6330aff08812b5dbaf66cf0671cb20
  • SHA1:
    12ce2b2bf8bceb6862db8ae9f8af9e709844d051
  • SHA256:
    3f45f9a83b45320ea3d0350d7d4f221a3a575a42a8e6928ae6cc158ff41256b8
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 27/71
malicious
Score: 11/37
malicious
malicious

IPs

IP    Country    Detection
156.251.140.23    Seychelles
204.11.56.50    Virgin Islands (BRITISH)
85.233.160.146    United Kingdom
104.21.24.39    United States
195.96.252.188    Bulgaria
104.21.68.7    United States
172.67.164.178    United States
172.67.97.62    United States
61.200.81.21    Japan
192.124.249.3    United States
199.34.228.78    United States
172.67.196.25    United States
203.0.113.0    Reserved
72.251.233.245    United States
212.44.102.75    Slovenia
62.122.170.171    Czech Republic
210.140.73.39    Japan
104.26.13.244    United States
137.118.26.67    United States
104.21.55.151    United States
195.128.140.29    Poland
75.2.70.75    United States
82.208.6.9    Czech Republic
93.187.206.66    Turkey
104.21.8.75    United States
104.21.234.121    United States
219.94.128.87    Japan
47.91.167.60    United States
92.204.129.113    Germany
76.223.35.103    United States
217.69.139.150    Russian Federation
154.201.225.123    Seychelles
35.172.94.1    United States
141.193.213.20    United States
103.168.172.221    unknown
211.13.196.162    Japan
198.185.159.144    United States
185.230.63.107    Israel
103.168.172.217    unknown
13.113.204.223    United States
74.208.215.145    United States
219.94.129.97    Japan
109.71.54.22    Netherlands
93.189.66.202    Switzerland
217.74.161.133    Russian Federation
5.189.171.125    Germany
216.177.137.32    United States
217.19.254.22    United Kingdom
104.21.26.121    United States
18.179.184.212    United States
83.167.255.150    Czech Republic
67.21.93.239    United States
192.99.226.184    Canada
85.128.196.22    Poland
104.21.73.229    United States
13.248.169.48    United States
217.79.184.35    Germany
78.46.224.133    Germany
194.143.194.23    Spain
104.21.23.9    United States
46.30.60.158    Germany
192.252.159.165    United States
83.223.113.46    United Kingdom
145.239.5.159    France
203.137.75.45    Japan
49.12.155.123    Germany
91.229.22.126    Poland
217.160.0.131    Germany
54.36.175.146    France
5.39.75.157    France
104.21.89.126    United States
154.203.14.100    Seychelles
64.125.133.18    United States
66.94.119.160    United States
108.167.164.216    United States
5.196.166.214    France
165.227.252.190    United States
213.186.33.17    France
3.130.204.160    United States
172.67.152.159    United States
157.112.176.4    Japan
54.161.222.85    United States
211.1.226.67    Japan
69.163.239.62    United States
66.226.70.66    United States
202.254.236.40    Japan
81.2.194.241    Czech Republic
192.241.158.94    United States
52.71.57.184    United States
104.21.25.200    United States
82.201.61.230    Netherlands
216.239.32.21    United States
172.67.152.88    United States
104.21.42.10    United States
104.26.10.81    United States
104.26.7.221    United States
70.39.251.249    United States
188.166.152.188    Netherlands
195.78.66.50    Poland

Domains

Name    IP    Detection
fdlymca.org    192.124.249.9
hbfuels.com    85.233.160.146
vdoherty.com    91.216.241.100
smtp.mail.global.gm0.yahoodns.net    66.218.88.167
karmy.com.pl    185.253.212.22
www.clinicasanluis.com.co    172.67.164.178
vvsteknik.dk    185.31.76.90
www.vazir.se    206.191.152.37
bidroll.com    13.56.33.8
cbras.com    54.39.198.18
assideum.com    52.219.80.107
mackusick.de    217.160.0.131
metaforacom.com    185.42.105.162
usadig.com    198.100.146.220
aiolos-sa.gr    104.21.26.121
shztm.ru    62.122.170.171
akr.co.id    104.20.123.68
oaith.ca    192.124.249.12
www.railbook.net    208.91.197.46
muhr-soehne.de    5.189.171.125
any-s.net    108.170.12.50
pellys.co.uk    77.72.4.226
lyto.net    104.21.62.182
camamat.com    104.21.235.32
fortknox.bm    216.177.137.32
www.muhr-soehne.de    5.189.171.125
cqdgroup.com    221.132.33.88
tabbles.net    80.211.41.39
tozzhin.com    202.94.166.30
semuk.com    86.105.245.69
cubodown.com    91.195.240.94
infotech.pl    79.96.32.254
impexnc.com    208.91.197.46
www.findbc.com    13.248.169.48
onzcda.com    13.248.169.48
sledsport.ru    185.22.232.175
ftmobile.com    199.34.228.78
komie.com    59.106.13.181
fnw.us    137.118.26.67
nekono.net    202.172.28.187
cvswl.org    104.21.55.151
ncn.de    46.30.60.158
missnue.com    104.21.234.121
tcpoa.com    159.89.244.183
isom.org    192.124.249.14
nts-web.net    49.212.235.175
www.tyrns.com    217.79.184.35
www.jenco.co.uk    104.21.23.9
canasil.com    104.26.2.14
avse.hu    185.129.138.60
jsaps.com    49.212.235.59
gphpedit.org    127.0.0.1
shesfit.com    172.67.158.251
kallman.net    0.0.0.0
shittas.com    192.3.246.178
dataform.co.uk    83.223.113.46
shteeble.com    185.106.129.180
enguita.net    195.5.116.23
dayvo.com    104.21.68.7
webways.com    104.21.1.51
holp-ai.com    59.106.13.169
zupraha.cz    77.78.104.3
in1.smtp.messagingengine.com    103.168.172.217
dog-jog.net    153.122.24.177
s5w.com    192.99.226.184
kamptal.at    128.204.134.138
bd-style.com    103.112.69.92
adventist.ro    49.12.155.123
hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com    3.130.204.160
ora.ecnet.jp    60.43.154.138
hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com    54.161.222.85
evcpa.com    192.124.249.10
www.abdg.com    192.252.154.18
www.spanesi.com    5.196.166.214
tbvlugus.nl    174.129.25.170
www.fcwcvt.org    104.21.25.200
www.edimart.hu    81.2.194.241
mail.airmail.net    66.226.70.66
bible.org    104.20.54.214
www.x0c.com    104.247.81.50
pohlfood.com    104.218.10.254
www.mobilnic.net    154.203.14.100
www.naoi-a.com    202.254.236.40
kevyt.net    104.21.2.101
d2r2uj0bnofxxz.cloudfront.net    13.249.85.117
www.valselit.com    193.70.68.254
cpmteam.com    104.21.32.240
www.vexcom.com    172.67.173.200
biosolve.com    151.101.130.159
ldh.la.gov    75.2.95.235
www.fe-bauer.de    3.65.101.129
dhh.la.gov    52.200.51.73
smtp1.sbc.mail.am0.yahoodns.net    67.195.12.38
willsub.com    69.89.107.122
td-ccm-neg-87-45.wixdns.net    34.149.87.45
pb-games.com    173.254.28.29
www.sclover3.com    157.112.182.239
gmail-smtp-in.l.google.com    172.253.63.27
notis.ru    185.178.208.141
atbauk.org    172.67.196.145

URLs

Name Detection
http://likangds.com/
http://univi.it/
https://www.clinicasanluis.com.co/
http://skypearl.com/
http://sigtoa.com/
http://www.valselit.com/177-appartement-a-vendre-sigean-30378
https://www.ora-ito.com/
https://www.elpro.si/kategorija-izdelka/kabli-zice-in-konektorji/podaljski-za-termoclene-termoelemen
http://calvinly.com/
http://pohlfood.com/wp-content/plugins/wc-product-table-pro/assets/css.min.css?ver=2.1.0
http://gholographic.com/
http://www.pcgrate.com/wp-content/themes/dt-the7/js/main.min.js?ver=9.12.0
https://ldh.la.gov/
https://www.elpro.si/kategorija-izdelka/wika-partner/nivo/pretvorniki-nivoja/
http://www.myropcb.com/why-use-myro/
http://msl-lock.com/
https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-brands-400.woff2
http://pohlfood.com/wp-content/plugins/real3d-flipbook/js/flipbook.pdfservice.min.js?ver=3.25
http://www.myropcb.com/services-capabilities/stencil/
https://www.cloudflare.com/5xx-error-landing
http://gmpg.org/xfn/11
http://chart.apis.google.com/chart?chs=100x100&cht=qr&chld=L
https://www.elpro.si/kategorija-izdelka/merilniki-tlaka/tlacni-vmesniki/
http://www.pcgrate.com/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.3.1
http://www.abdg.com/
http://www.myropcb.com/services-capabilities/pcb-restoration/
http://www.naoi-a.com/
https://www.elpro.si/kategorija-izdelka/termometri-dataloggerji-ex/termometri/alkoholni-termometri/
https://www.elpro.si/kategorija-izdelka/industrijske-tablice-telefoni-handheld/industrijski-skenerji
https://pohlfood.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fpohlfood.com%2F
https://www.com-sit.com/feed/
https://lolipop.jp/
http://www.ora-ito.com/
https://www.elpro.si/kategorija-izdelka/prenosni-osebni-detektorji/
http://www.pcgrate.com
http://www.myropcb.com/why-use-myro/terms-of-service/
https://www.com-sit.com/wp-content/uploads/2023/04/comsitBROWN-1.jpg
http://www.pcgrate.com/wp-content/plugins/woo-discount-rules/v2/Assets/Js/site_main.js?ver=2.3.7
http://pohlfood.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.16
https://www.elpro.si/kategorija-izdelka/grelci-polprevodniski-releji-ssr-in-tiristorji/ssr-rele-polp
https://pohlfood.com/wp-content/uploads/iStock-1031193710b.jpg
https://tickets.suresupport.com/faq/article-1596/en
https://www.elpro.si/kategorija-izdelka/merilniki-tlaka/elektricni-pribor-za-merilnike-tlaka/
https://www.elpro.si/kategorija-izdelka/elpro-posebne-izvedbe-temperaturnih-tipal/profesionalni-seti
http://www.elpro.si/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.3.9
https://www.com-sit.com/branchen-know-how/
http://www.winhui.cn/template/default/img/fixedimg4.png
http://myropcb.com/login/
http://www.elpro.si/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-pub
https://www.elpro.si/kategorija-izdelka/wika-partner/
https://www.lrsuk.com/
http://www.pcgrate.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.10.0)
http://www.elpro.si/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
https://inhouse.pohlfood.com/
https://www.com-sit.com/kontakt-comsit-distribution-gmbh/
http://gpthink.com/product/204.html
http://www.myropcb.com/wp-content/themes/thematic/library/scripts/supersubs.js
https://www.elpro.si/kategorija-izdelka/merilniki-nivoja/jola-nivo-tekocin/regulacija-nivoja/meritev
https://www.elpro.si/kategorija-izdelka/merilniki-nivoja/jola-nivo-tekocin/prikazovalnik-toka-jola/
https://www.elpro.si/kategorija-izdelka/merilniki-tlaka/manometri-z-izhodnim-signalom/
http://www.pcgrate.com/wp-content/uploads/the7-css/post-type-dynamic.css?ver=c08792de11d2
https://www.elpro.si/kategorija-izdelka/rotronic/temperatura-rotronic-merilniki-temperature/
http://www.com-sit.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
http://pohlfood.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=26c380492a5e27db8a412ecdd
https://www.elpro.si/wp-content/uploads/2020/03/ICO-75-Prenosne-naprave.svg
https://www.elpro.si/kategorija-izdelka/wika-partner/tlak/pretvorniki-tlaka-wika/
https://www.pcgrate.com/#webpage
https://pohlfood.com/#website
http://pohlfood.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc
https://www.elpro.si/wp-content/uploads/2023/07/PRENOSNA_2220-9670-asfalt_asvalt_moder-150x150.jpg
https://oss.maxcdn.com/respond/1.4.2/respond.min.js
https://www.elpro.si/kategorija-izdelka/wika-partner/kalibracija/
https://www.elpro.si/wp-content/uploads/2020/03/ICO-75-Monitoring.svg
http://www.elpro.si/wp-content/themes/elpro/js/functions.js?ver=1.0.0
http://pohlfood.com/wp-content/plugins/ooohboi-steroids-for-elementor/assets/css/main.css?ver=2.1.62
https://www.elpro.si/kategorija-izdelka/elpro-posebne-izvedbe-temperaturnih-tipal/merilni-pretvornik
https://www.com-sit.com/usa/
https://www.elpro.si/kategorija-izdelka/razdelitev-po-standardih-direktivah/2014-34-eu/
https://www.elpro.si/kategorija-izdelka/merilniki-vlage/rotronic-vlaga-aktivnost-vode-dew-point-moni
https://www.stajerskagz.si/o-sgz-2/
https://www.com-sit.com/testhouse/
https://www.elpro.si/kategorija-izdelka/wika-partner/tlak/
https://pohlfood.com/comments/feed/
http://dhh.la.gov/
https://net3.necs.com/pohlfood/site/search?selectview=choose&queryCol=class&terms=Mediterran
http://www.elpro.si/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver
http://www.com-sit.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
http://www.credo.edu.pl/
https://www.elpro.si/kategorija-izdelka/rotronic/tlak-rotronic-merilniki-tlaka/
https://www.aevga.com/
https://www.elpro.si/avtorji/
https://net3.necs.com/pohlfood/site/search?selectview=byclass&queryCol=&terms=pizza
http://www.pcgrate.com/wp-content/plugins/woo-rfq-for-woocommerce/gpls_assets/js/gpls_woo_rfq.js?ver
https://www.elpro.si/kategorija-izdelka/resitve-za/industrija/
https://www.pwd.org/
http://www.elpro.si/wp-content/plugins/magic-tooltips-for-contact-form-7/assets/css/jquery.qtip.min.
http://pohlfood.com/wp-content/uploads/elementor/css/post-330.css?ver=1694553266
https://www.elpro.si/kategorija-izdelka/wika-partner/temperatura/prikazovalniki-temperature/
http://www.com-sit.com/wp-content/uploads/premium-addons-elementor/pa-frontend-2947ecb72.min.css?ver
http://www.elpro.si/

Dropped files

Name    File Type    Hashes    Detection
C:\Users\user\pigalicapi.exe    PE32 executable (GUI) Intel 80386, for MS Windows