Smart.Switch.PC_Setup.exe

Status: finished

Submission Time: 2025-04-04 18:33:02 +02:00

Suspicious

Evader

Comments

Details

Analysis ID:
1656850
API (Web) ID:
1656850
Analysis Started:

2025-04-04 18:33:04 +02:00
Analysis Finished:

2025-04-04 18:53:57 +02:00
MD5:
c42b3957f667c1ce0d8c26601a8f58b9
SHA1:
6b8c3e42a9cd1c85f9987cce1033e87c3c5636d3
SHA256:
9d4146d3d9b8e8c557cf9386de7434d8574681d5d54a2970d14915be6f9e67e6
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	suspicious Score: 28	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
	Full Report Management Report IOC Report	clean Score: 5	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 Run Condition: Run with higher sleep bypass

IPs

IP	Country	Detection
18.238.80.11	United States
54.200.79.163	United States

Domains

Name	IP	Detection
ccr.sec-smartswitch.com	54.200.79.163
sspc.sec-smartswitch.com	18.238.80.11

URLs

Name	Detection
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
http://crl.ver)
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
Click to see the 53 hidden entries
http://nsis.sf.net/NSIS_ErrorError
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
https://ecn.dev.virtualearth.net/REST/V1/MapControlConfiguration/native/
http://www.samsung.com/smartswitch
http://www.symauth.com/cps0(
https://dev.virtualearth.net/REST/v1/Locations
https://dev.ditu.live.com/REST/V1/MapControlConfiguration/native/
https://dev.virtualearth.net/mapcontrol/logging.ashx
https://ccr.sec-smartswitch.com/upload_pc/rsContent-Type:
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
https://dynamic.t
https://dynamic.api.tiles.ditu.live.com/odvs/gri?pv=1&r=
http://www.symauth.com/rpa00
http://www.samsung.com/smartswitch4
http://www.samsung.com/
https://dev.virtualearth.net/REST/v1/Routes/Transit
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
http://www.samsung.com/smartswitchK
https://tiles.virtualearth.net/tiles/cmd/StreetSideBubbleMetaData?north=
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
http://www.samsung.com/smartswitchC
https://dev.ditu.live.com/REST/v1/Locations
http://msupdate.emodio.comKRUpdateModeA%s/PluginHostServlet?sdk_version=2.0.4.10142_17&region=%s&mod
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
https://dev.virtualearth.net/REST/v1/Routes/Driving
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
https://ccr.sec-smartswitch.com/upload_pc/
https://dev.virtualearth.net/REST/v1/Routes/Walking
https://g.live.com/odclientsettings/ProdV2.C:
http://www.installshield.com/isetup/ProErrorCentral.asp?ErrorCode=%d
https://neofussvr.sslcs.cdngc.net/pp_SmartSwitch.htmopenl
https://sspc.sec-smartswitch.com/smartswitchpc/file/SAMSUNG_USB_Driver_for_Mobile_Phones.exe
http://saturn.installshield.com/is/prerequisites/microsoft
https://dev.ditu.live.com/mapcontrol/logging.ashx
https://sspc.sec-smartswitch.com/smartswitchpc/file/xDl.dll
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
https://g.live.com/odclientsettings/Prod.C:
https://dev.ditu.live.com/REST/v1/Routes/
https://g.live.com/odclientsettings/ProdV2
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
http://www.bingmapsportal.com
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
https://sspc.sec-smartswitch.com/smartswitchpc/file/90udll
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
https://dev.ditu.live.com/REST/v1/Transit/Stops/
https://ccr.sec-smartswitch.com/upload_pc/A
https://dev.virtualearth.net/REST/v1/Routes/
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=

Dropped files

Name	File Type	Hashes	Detection
C:\Program Files (x86)\Samsung\SmartSwitchSupportFiles\Setup1.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#

Deep Malware Analysis

Smart.Switch.PC_Setup.exe

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Deep Malware Analysis

Smart.Switch.PC_Setup.exe Options

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Search started

Smart.Switch.PC_Setup.exe