top title background image
flash

Document.doc.lnk

Status: finished
Submission Time: 2024-03-28 10:32:09 +01:00
Malicious
Ransomware
Trojan
Evader
MalLnk

Comments

Tags

  • lnk

Details

  • Analysis ID:
    1416951
  • API (Web) ID:
    1416951
  • Analysis Started:
    2024-03-28 10:32:09 +01:00
  • Analysis Finished:
    2024-03-28 10:37:53 +01:00
  • MD5:
    98b1b442429c084ac8301af4638ea18d
  • SHA1:
    96aadee715463c50cf22c0a93b5fe1532a058d5c
  • SHA256:
    7b741ba5f5bfe5a6045f1f19e03f412226c7edb42c6c94a5a92922515da89aa0
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 37/61
malicious
Score: 17/24
malicious
malicious

IPs

IP Country Detection
185.215.113.66
Portugal

Domains

Name IP Detection
twizt.net
185.215.113.66

URLs

Name Detection
http://twizt.net/lslut.exe
http://twizt.net/Installed
http://twizt.net/spl.exe
Click to see the 22 hidden entries
http://twizt.net
http://twizt.net/lslut.exer
http://fuckput.in/
http://twizt.net/?
http://twizt.net/lslut.exe%s:Zone.Identifier%userprofile%%s
http://twizt.net/lsl
http://twizt.net/InstalledXZ
http://twizt.net/lslut.exewinsvc.exeKT
http://fuckput.in/N
http://twizt.net/lslut.exes
http://twizt.net/lslut.exewinsvc.exe
http://twizt.net/lslut.exe2
http://twizt.net/lslut.exeu
http://twizt.net/lslut.e8
http://twizt.net/lslut.e
http://twizt.net/InstalledL
http://twizt.net/lslut.exeb
http://twizt.net/lslut.exee
http://twizt.net/InstalledopenMozilla/5.0
http://twizt.net/lslut.eH
http://twizt.net/lslj
http://twizt.net/InstalledT

Dropped files

Name File Type Hashes Detection
C:\Users\user\windrv.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\winsvc.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#