Anfrage_244384.exe

Status: finished
Submission Time: 2024-11-06 15:35:11 +01:00
Malicious
Trojan
Spyware
Evader
FormBook, GuLoader

Tags

  • exe

Details

  • Analysis ID:
    1550253
  • API (Web) ID:
    1550253
  • Analysis Started:
    2024-11-06 16:09:43 +01:00
  • Analysis Finished:
    2024-11-06 16:19:50 +01:00
  • MD5:
    b03f23199ae987a7bce0ff1a0d742e3e
  • SHA1:
    f454c8de72926ee9f98db7056fa89f0c3ada9666
  • SHA256:
    eda014e3b658bfbbfd141c1459a3414d9ee8b7c139a3976fe732141fa9cf3f80
  • Technologies:

Joe Sandbox

  • Detection:
    malicious
  • Score:
    100
  • System:
    Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP               Country              Detection
188.40.95.144    Germany
194.58.112.174   Russian Federation

Domains

Name                      IP               Detection
familytherapycenter.rs    188.40.95.144
www.svarus.online         194.58.112.174

URLs


Dropped files

No malicious files found. See full and IOC report for all dropped files.