
avaydna.exe

Status: finished
Submission Time: 2025-01-05 10:47:07 +01:00
Malicious
Phishing
Trojan
Evader
Njrat

Tags

  • exe

Details

  • Analysis ID: 1584386
  • API (Web) ID: 1584386
  • Analysis Started: 2025-01-05 10:47:07 +01:00
  • Analysis Finished: 2025-01-05 10:57:20 +01:00
  • MD5: 63f511fef91ec6145ef47f17947f6d74
  • SHA1: 562dcc427d36d26c98279a53eefc7635f4950652
  • SHA256: 32208b799047de8f44aeea18a62c8ee4518026141e300ede79494b972c325cc8
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 55/72
malicious
Score: 32/38
malicious

IPs


Domains


URLs


Dropped files

No malicious files found. See full and IOC report for all dropped files.