
EP2E1yYJyT.exe

Status: finished
Submission Time: 2024-10-16 13:57:08 +02:00
Malicious
Trojan
Evader

Comments

Tags

  • 114-114-114-114
  • exe

Details

  • Analysis ID: 1535022
  • API (Web) ID: 1535022
  • Original Filename: 59cc39c5af4d48bd23daf9c000dc3c794d1748253c31b16a8a6a9482c9b7f067.exe
  • Analysis Started: 2024-10-16 13:57:09 +02:00
  • Analysis Finished: 2024-10-16 14:03:59 +02:00
  • MD5: 0083b5be4a600a4529ac5ee153cc03b4
  • SHA1: 1787fd910bf388fc68f6b2ed677eae52e12a1bfb
  • SHA256: 59cc39c5af4d48bd23daf9c000dc3c794d1748253c31b16a8a6a9482c9b7f067
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 92
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 30/38
malicious

IPs

IP              Country      Detection
154.216.40.175  Seychelles
223.6.6.6       China

Domains

Name                            IP              Detection
down.nugong.asia                0.0.0.0
yzzcommon.tyui54345.xyz         0.0.0.0
5d77815913ef34de.tyui54345.xyz  0.0.0.0
dns.alidns.com                  223.6.6.6
down.zhangyaping.top            154.216.40.175

URLs

Name Detection
http://223.5.5.5/resolve?name=down.nugong.asia&type=1j
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16O
https://223.5.5.5/4
http://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16=
http://223.5.5.5/resolve?name=5d77815913ef34de.tyui54345.xyz&type=58;
https://down.nugong.asia/pgm/mpr/c995ec7fd4f57c0d/5d77815913ef34de.zipCi
https://dns.alidns.com/resolve?name=spi2.tyui54345.xyz&type=16=
https://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16H
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16pe=16e
https://dns.alidns.com/resolve?name=spi2.tyui54345.xyz&type=16$
https://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16F
https://223.5.5.5/resolve?name=%s&type=%d
https://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16e=16
http://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=5p
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16o
http://dns.alidns.com/resolve?name=spi3.tyui54345.xyz&type=161TJ
https://dns.alidns.com/ography
http://223.5.5.5/resolve?name=down.nugong.asia&type=1c
https://223.5.5.5/resolve?name=spi2.tyui54345.xyz&type=16e=16c
https://dns.alidns.com/resolve?name=spi2.tyui54345.xyz&type=165$
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16P
https://223.5.5.5/resolve?name=yzzcommon.tyui54345.xyz&type=5e=5=5
http://223.5.5.5/resolve?name=5d77815913ef34de.tyui54345.xyz&type=5u
http://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=50
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16
http://223.5.5.5/resolve?name=yzzcommon.tyui54345.xyz&type=545.xyz&type=5
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16pe=16
https://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16k
https://%s/report.php?type=client&data=%sHost:
http://223.5.5.5/resolve?name=down.nugong.asia&type=1ny
https://dns.alidns.com/resolve?name=spi2.tyui54345.xyz&type=16d
https://dns.alidns.com/resolve?name=spi2.tyui54345.xyz&type=16g
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=160
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=161
https://dns.alidns.com/resolve?name=spi2.tyui54345.xyz&type=16o
https://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16z
http://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16C
http://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=5h
http://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=55
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16e=165$
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16_
http://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16N
http://223.5.5.5/resolve?name=spi2.tyui54345.xyz&type=16e=16
https://dns.alidns.com/resolve?name=spi1.tyui54345.xyz&type=16
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16F
https://223.5.5.5/&
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16/
http://223.5.5.5/resolve?name=spi1.tyui54345.xyz&type=16P
https://223.5.5.5/resolve?name=spi2.tyui54345.xyz&type=16=16
https://223.5.5.5//
https://%s/report.php?type=client&data=%s
https://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=5i54345.xyz&type=5
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16c
http://dns.alidns.com/5
https://dns.alidns.com/resolve?name=spi3.tyui54345.xyz&type=16oI
http://223.5.5.5/resolve?name=5d77815913ef34de.tyui54345.xyz&type=5
http://223.5.5.5/
http://dns.alidns.com/resolve?name=spi3.tyui54345.xyz&type=16C
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16p
http://dns.alidns.com/resolve?name=spi1.zxcv56745.xyz&type=16&I
http://dns.alidns.com/resolve?name=spi3.tyui54345.xyz&type=16=
http://ds.com/
http://223.5.5.5/resolve?name=spi3.tyui54345.xyz&type=16=16
https://down.nugong.asia/pgm/mpr/c995ec7fd4f57c0d/5d77815913ef34de.zip
http://dns.alidns.com/resolve?name=spi3.tyui54345.xyz&type=161
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16=
https://223.5.5.5/resolve?name=spi2.tyui54345.xyz&type=16e=16t
http://dns.alidns.com/resolve?name=spi3.tyui54345.xyz&type=165
https://dns.alidns.com/resolve?name=spi1.zxcv56745.xyz&type=16
https://223.5.5.5/d=#
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16=16=
http://dns.alidns.com/resolve?name=spi3.zxcv56745.xyz&type=16
http://223.5.5.5/resolve?name=&type=1
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16E
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16pe=16
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16F
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16q
http://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=5H
https://down.zhangyaping.top/pgm/mpr/c995ec7fd4f57c0d/5d77815913ef34de.zip~
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16n
https://dns.alidns.com/icies
http://223.5.5.5/resolve?name=5d77815913ef34de.tyui54345.xyz&type=5H
https://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=5i54345.xyz&type=5$
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16o
https://223.5.5.5/:
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=160
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16?
http://223.5.5.5/resolve?name=5d77815913ef34de.tyui54345.xyz&type=5R
http://223.5.5.5/resolve?name=spi3.tyui54345.xyz&type=16e=16
http://dns.alidns.com/resolve?name=spi3.zxcv56745.xyz&type=16t
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16~
https://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16e=165$
http://223.5.5.5/resolve?name=spi1.zxcv56745.xyz&type=16O
https://223.5.5.5/N
http://dns.alidns.com/resolve?name=yzzcommon.tyui54345.xyz&type=5V
http://223.5.5.5/resolve?name=yzzcommon.tyui54345.xyz&type=5;Z
https://dns.alidns.com/resolve?name=down.zhangyaping.top&type=1UI
http://223.5.5.5/resolve?name=down.nugong.asia&type=1(
https://223.5.5.5/resolve?name=spi2.zxcv56745.xyz&type=16=165913ef34de.zip7F
https://dns.alidns.com/resolve?name=spi2.zxcv56745.xyz&type=16U

Dropped files

Name                          File Type                                                                               Hashes  Detection
C:\Windows\SysWOW64\93ab9c14  PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed