
SecuriteInfo.com.Trojan.Siggen20.45289.27589.26669.exe

Status: finished
Submission Time: 2024-07-05 06:19:04 +02:00
Suspicious
Ransomware
Evader

Tags

  • exe

Details

  • Analysis ID: 1467948
  • API (Web) ID: 1467948
  • Analysis Started: 2024-07-05 06:19:05 +02:00
  • Analysis Finished: 2024-07-05 06:44:34 +02:00
  • MD5: d24b89cd8ed0bf45794f5f6a1324cd64
  • SHA1: 4218126f5f9f455af47a3c44552837357328d045
  • SHA256: 13b11fea340a9312543a3f33cf271bdc340daec08a03d591aa9179eb95066dcd
  • Technologies:

Joe Sandbox

Detection: suspicious
Score: 24
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Detection: clean
Score: 18
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Run with higher sleep bypass

IPs


URLs


Dropped files
