
6STrd2WC88FOIND.exe

Status: finished
Submission Time: 2023-12-12 11:06:13 +01:00
Malicious
Trojan
Spyware
Evader
FormBook, zgRAT

Tags

  • exe
  • Formbook
  • zgrat

Details

  • Analysis ID:
    1359957
  • API (Web) ID:
    1359957
  • Analysis Started:
    2023-12-12 11:48:36 +01:00
  • Analysis Finished:
    2023-12-12 12:01:12 +01:00
  • MD5:
    391e7914fb40c657f3e1068cdb2711b4
  • SHA1:
    14487c52e61c3a499a19029ac5d955fa94dada52
  • SHA256:
    5a62ce1ce44bcaed2a0fddb1aadfa7bc0fcc3a63eadfc0016fb4038975bf4ebe
  • Technologies:
    Joe Sandbox

Engine: Joe Sandbox
Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP               Country
162.240.81.18    United States
108.179.192.34   United States
70.36.107.203    United States
195.161.62.100   Russian Federation
198.177.123.106  United States
160.251.148.119  Japan
151.101.66.159   United States
84.32.84.32      Lithuania
34.149.87.45     United States
199.59.243.225   United States
146.148.34.125   United States
162.210.199.87   United States

Domains

Name                          IP
www.loftpay.ru                195.161.62.100
www.desidigitaldigest.com     0.0.0.0
www.jxfktn.store              0.0.0.0
www.atlasmisc.org             0.0.0.0
www.caseytownship.org         0.0.0.0
www.fashionbyfairies.com      0.0.0.0
www.josefinaherz.com          0.0.0.0
www.wearehydrant.com          0.0.0.0
www.metodomestredojogo.com    0.0.0.0
www.belaflorloja.online       0.0.0.0
desidigitaldigest.com         84.32.84.32
www.maruphoto1995.com         160.251.148.119
www.poloaustria.com           199.59.243.225
www.terranovaservices.top     198.177.123.106
td-ccm-neg-87-45.wixdns.net   34.149.87.45
caseytownship.org             151.101.66.159
www.233138.com                70.36.107.203
metodomestredojogo.com        108.179.192.34
belaflorloja.online           162.240.81.18
www.vsini.com                 162.210.199.87
www.tubidy.tech               146.148.34.125

URLs

Name
http://www.loftpay.ru/ch82/
http://www.josefinaherz.com/ch82/?ZjRtm=ROQijdc92+HCCF/lu34+uVlI1LEoWWm9i0J1RNS5HvrlPOVm28Ihhw1sD+2N4yq1Qb8uq4IxUBlBqHE67YkeOzrNcvqF6rYlSQ==&atNlc=MvY8l
http://www.desidigitaldigest.com/ch82/
http://www.maruphoto1995.com/ch82/
http://www.caseytownship.org/ch82/?ZjRtm=JBcNHKNpBauwjTeRB1geGfOOMOQPGRhBcwVtGQqlBj/2QR6BNxhfUNld2V2U734zLGpnH8ukRawGClefM7s96E5AdryZJdlpiQ==&atNlc=MvY8l
http://www.vsini.com/ch82/?ZjRtm=eSR5URyOC1ibFYRAESkxmwXT4gwzlLAGV/QYhwDkH4AjzZel5LRGAK4ni0laDnaq2OiWWdXqEy0KVle7jTpwFNgqxXoqc3FwUw==&atNlc=MvY8l
http://www.belaflorloja.online/ch82/
http://www.loftpay.ru/ch82/?ZjRtm=oNzgWPkANOZa9rHqWIZZBQyOhHCY2gFN7DVFbaEnDKKxCjPE/BvGoBYpnOYzvsiT7fTsIPhKAC6Vgwx9A1P5twhKp+FZSSnYOg==&atNlc=MvY8l
http://www.metodomestredojogo.com/ch82/
http://www.233138.com/ch82/?ZjRtm=/yQhDZfE0WTF70wNw/LM+DBZuVBuI5dIYXg3mkFqT18Y/9C7Z/lmE2JOr0jXZAwwXfvOfU7vhVoZAziuHxEVA22AT0NFu7wu4g==&atNlc=MvY8l
http://www.233138.com/ch82/
http://www.caseytownship.org/ch82/
http://www.poloaustria.com/ch82/
http://www.belaflorloja.online/ch82/?ZjRtm=TiOFK1ZgJvBjOMHyz1058qVou7euaMsik1VQD6rGaxWTvp1R1ahwPzeV2lbITta/koqER+yPuVa1OZDGM5spiU8J4yubQ0vatw==&atNlc=MvY8l
http://www.josefinaherz.com/ch82/
http://www.maruphoto1995.com/ch82/?ZjRtm=sHmCdQDEWPfk89wSL1dL+HKUlVUQDVldnsaJllK5gIvdfFNdchFHSs+OxlyQODljRxEXgRXoh10QYmHB2NVRjmj/aGJB6J+kng==&atNlc=MvY8l
http://www.terranovaservices.top/ch82/?ZjRtm=BgsX+R1trHaBfzk/oKwZzid+TrQJwN5chNdUmj2yIz0bcDHRg25PwFhi4CFX2VwOlRCqq1BBwT9mAXS7KNTGUVx/nZdeoGV2SA==&atNlc=MvY8l
https://caseytownship.org/ch82/?ZjRtm=JBcNHKNpBauwjTeRB1geGfOOMOQPGRhBcwVtGQqlBj/2QR6BNxhfUNld2V2U73
http://www.terranovaservices.top/ch82/
http://www.desidigitaldigest.com/ch82/?ZjRtm=fngQTsMLs7J0B5ZGr+5DzhBhWw7ifwFHT+yQPtin/Nxz+7gWL5DbGC8jBnlaiKTci2f2eSjSyQuAZbm0ru995SZFNxTjDtq3Iw==&atNlc=MvY8l
http://www.metodomestredojogo.com/ch82/?ZjRtm=KgnOrRqyyYnC5mo5js6X63QP2iXn9ZEa979VEso6JuA7dwNBGBn1IB5VOwbiSJjt/ix8kfBjFkA1dKnKU8OFLEuCCcAkMt0EdQ==&atNlc=MvY8l
http://www.poloaustria.com/ch82/?ZjRtm=rR1qdfzUB0XLOilWcD+xOXirRc9gGsJJOMrrGDgDdrw828SuQuVUTyfqpBhZzeNS20htx6V5USjNyjmkfDNaPeDh3VDnFeH+5A==&atNlc=MvY8l
https://mozilla.org0/
https://crash-reports.mozilla.com/submit?id=
http://ww1.vsini.com
http://www.jiyu-kobo.co.jp/
http://www.tubidy.tech
http://www.fontbureau.com
http://www.apache.org/licenses/LICENSE-2.0
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
http://ww11.www.tubidy.tech/
http://www.fonts.com
http://www.vsini.com/ch82/?ZjRtm=eSR5URyOC1ibFYRAESkxmwXT4gwzlLAGV%2FQYhwDkH4AjzZel5LRGAK4ni0laDnaq2
http://www.fontbureau.com/designers8
https://jino.ru/
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
https://www.ecosia.org/newtab/
https://cp-domains.jino.ru
http://www.carterandcone.coml
https://ac.ecosia.org/autocomplete?q=
http://www.fontbureau.com/designers/cabarga.htmlN
http://www.fontbureau.com/designers/frere-user.html
http://www.founder.com.cn/cn
https://www.google.com
http://www.fontbureau.com/designersG
https://duckduckgo.com/ac/?q=
http://www.fontbureau.com/designers/?
http://www.founder.com.cn/cn/bThe
http://metodomestredojogo.com/ch82/?ZjRtm=KgnOrRqyyYnC5mo5js6X63QP2iXn9ZEa979VEso6JuA7dwNBGBn1IB5VOw
http://www.fontbureau.com/designers?
https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
http://www.tiro.com
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
http://www.fontbureau.com/designers
http://www.tubidy.tech/ch82/?ZjRtm=NjpVce6xBT9ty5OCT17TJHrStPrmmLvVV4ZCA7yS8FJv8nfY0hbRytPdBjQ27qj8dC9aou0+kL/VGjbbyQPqjZ8Sc/DyetMyoA==&atNlc=MvY8l
http://www.goodfont.co.kr
http://www.sajatypeworks.com
http://www.typography.netD
http://www.sakkal.com
http://www.founder.com.cn/cn/cThe
http://nginx.net/
http://www.galapagosdesign.com/staff/dennis.htm
http://help.yahoo.com/help/us/ysearch/slurp)
http://fedoraproject.org/
http://www.tubidy.tech/ch82/
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
http://www.galapagosdesign.com/DPlease
https://duckduckgo.com/chrome_newtab
http://www.sandoll.co.kr
https://www.josefinaherz.com/ch82?ZjRtm=ROQijdc92
http://www.urwpp.deDPlease
http://www.zhongyicts.com.cn

Dropped files

No malicious files found. See full and IOC report for all dropped files.
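The URL list above mixes two kinds of entries: the sample's own traffic, which always hits the same path (/ch82/) on a rotating set of domains, with and without a long base64-looking query blob, and benign strings the sandbox pulled from process memory (font vendor sites, Firefox search-provider endpoints, license URLs). Blocking the whole list as-is would be wrong, and blocking only the IPs would miss the many names that did not resolve during the run. The behaviour of one path across many domains is how FormBook operates: each build carries one URI path and a list of candidate domains, most of them decoys, and the bot works through them in turn. The script below is an added example written for this page, not part of the Joe Sandbox report or any project's code. It keys on the campaign path to separate check-ins from noise, then joins the hosts against the Domains table. It assumes that "/ch82" and the five-character parameter names are specific to this sample (a different build needs its own path), that the minimum blob length of eight characters is only there so the truncated entries in the report still match, and that 0.0.0.0 in the Domains table means the name returned no address during the run.

```python
import re
from urllib.parse import urlsplit

# Campaign path observed in this report. FormBook builds embed one path and a list
# of candidate domains, so this value is specific to this sample (assumption for
# any other sample: take it from that sample's report or extracted config).
CAMPAIGN_PATH = "/ch82"

# Shape of the first query value in the check-in URLs above: base64 alphabet,
# optionally percent-encoded, optional '=' padding. Eight characters minimum so
# the truncated entries in the report still match (assumed threshold).
_B64_RE = re.compile(r"^[A-Za-z0-9+/%]{8,}={0,2}$")

# URLs copied from the report's URL list; the last two are benign controls.
SAMPLE_URLS = [
    "http://www.loftpay.ru/ch82/",
    "http://www.loftpay.ru/ch82/?ZjRtm=oNzgWPkANOZa9rHqWIZZBQyOhHCY2gFN7DVFbaEnDKKxCjPE/BvGoBYpnOYzvsiT7fTsIPhKAC6Vgwx9A1P5twhKp+FZSSnYOg==&atNlc=MvY8l",
    "http://www.vsini.com/ch82/?ZjRtm=eSR5URyOC1ibFYRAESkxmwXT4gwzlLAGV%2FQYhwDkH4AjzZel5LRGAK4ni0laDnaq2",
    "https://www.josefinaherz.com/ch82?ZjRtm=ROQijdc92",
    "http://www.fontbureau.com/designers",
    "https://duckduckgo.com/ac/?q=",
]

# Name -> IP rows copied from the report's Domains table.
SAMPLE_DOMAINS = {
    "www.loftpay.ru": "195.161.62.100",
    "www.vsini.com": "162.210.199.87",
    "www.josefinaherz.com": "0.0.0.0",
    "www.desidigitaldigest.com": "0.0.0.0",
}


def query_pairs(query):
    """Split a raw query string into (key, value) pairs without decoding,
    so '+' and '%2F' inside the base64 blob stay exactly as written."""
    pairs = []
    for item in query.split("&"):
        if item:
            key, _, value = item.partition("=")
            pairs.append((key, value))
    return pairs


def classify(url):
    """Classify one URL from the report.
    'checkin': campaign path plus a 5-character key carrying a base64-looking blob
    'probe'  : campaign path with no recognisable beacon (the bare GET /ch82/ entries)
    None     : not on the campaign path (font vendor, browser and other noise)"""
    parts = urlsplit(url)
    if parts.path.rstrip("/") != CAMPAIGN_PATH:
        return None
    pairs = query_pairs(parts.query)
    if pairs and len(pairs[0][0]) == 5 and _B64_RE.match(pairs[0][1]):
        return "checkin"
    return "probe"


def c2_candidates(urls):
    """Map each host seen on the campaign path to the strongest role observed."""
    rank = {"probe": 1, "checkin": 2}
    roles = {}
    for url in urls:
        role = classify(url)
        if role is None:
            continue
        host = urlsplit(url).netloc.lower()
        if rank[role] > rank.get(roles.get(host), 0):
            roles[host] = role
    return roles


def triage(urls, domain_ips):
    """Join candidate hosts against the Domains table.
    resolved  : host -> IP; block both the name and the address
    unresolved: listed as 0.0.0.0 (assumed: no answer during the run); block the name
    unknown   : on the campaign path but absent from the Domains table"""
    resolved, unresolved, unknown = {}, [], []
    for host in sorted(c2_candidates(urls)):
        ip = domain_ips.get(host)
        if ip is None:
            unknown.append(host)
        elif ip == "0.0.0.0":
            unresolved.append(host)
        else:
            resolved[host] = ip
    return resolved, unresolved, unknown


if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(f"{classify(url) or '-':8} {url[:70]}")
    print(triage(SAMPLE_URLS, SAMPLE_DOMAINS))
```

Running it on the full URL and Domains lists from this report yields the hosts worth a DNS block (everything on /ch82/) and the subset that also needs an IP block; a name that resolved in the sandbox can be a decoy that the operator never uses, so treat the IP list as a blocking aid, not as proof of which host is the live C2.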