
JFVUUBPVUQ.exe

Status: finished
Submission Time: 2025-04-07 20:25:14 +02:00
Malicious
Evader

Comments

Tags

  • exe

Details

  • Analysis ID:
    1658650
  • API (Web) ID:
    1658650
  • Original Filename:
    d505bf12cc3faa562c9faa32d4deeb03.exe
  • Analysis Started:
    2025-04-07 20:44:42 +02:00
  • Analysis Finished:
    2025-04-07 20:54:26 +02:00
  • MD5:
    d505bf12cc3faa562c9faa32d4deeb03
  • SHA1:
    41b00141be1baf9761f82713ee835d4ee1d13581
  • SHA256:
    63dd95de6834cc79ee57ce8060b624d6b3baa6456330e7b5c3634e866764277c
  • Technologies:

Joe Sandbox

Engine: Joe Sandbox
Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

  • malicious (Score: 18/72)
  • malicious (Score: 13/36)
  • malicious

IPs

IP              Country             Detection
104.21.112.1    United States       -
195.82.147.48   Russian Federation  -

Domains

Name                          IP                Detection
ms-onedrive-updater1.com      104.21.112.1      -
bg.microsoft.map.fastly.net   199.232.210.172   -

URLs

Name Detection
http://195.82.147.48/ab0001/0313/bdvnc/chairintroductory.zip
https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta
https://ms-onedrive-updater1.com/api/getUpdates
https://ms-onedrive-updater1.com/api/getFile?fn=bz.exe
https://ms-onedrive-updater1.com/api/connect?hwid=AD0C2ACF47A280BB36FA3A5E07A6C130&buildId=bz&os=Windows%2010%20x64
https://ms-onedrive-updater1.com
https://ms-onedrive-updater1.com/
http://schemas.xmlsoap.org/soap/encoding/
http://pesterbdd.com/images/Pester.png
http://www.apache.org/licenses/LICENSE-2.0.html
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htar
https://go.micro
https://ms-onedrive-updater$i.com/api/getFile?fn=x
http://crl.microsoftAR
http://crl.microsoftA
http://www.apache.org/licenses/LICENSE-2.0
https://contoso.com/Icon
https://ms-onedrive-updater1.com/api/connect?hwid=AD0C2ACF47A280BB36FA3A5E07A6C130&buildId=bz&os=Win
https://ms-onedrive-updater1.com/api/getFile?fn=bz.exeon
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaXR
https://github.com/Pester/Pester
http://ms-onedrive-updater1.com
http://crl.mi
http://crl.m
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htabP
http://crl.micro
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaUsers
http://schemas.xmlsoap.org/wsdl/
http://195.82.14
https://aka.ms/pscore68
https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta4P
https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta8P
https://ms-onedrive-updater1.com/api/getFile?fn=bz.exeP
https://oneget.org
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htatCookies
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaqdXVQ
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaxe
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaP
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaPPC:
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaja
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaF
http://195.82.147.81/body/040125-bdd/sourceprospect.zip
https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta5P
https://ms-onedrive-updater1.com/$5
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htat2ePQG
https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta(f
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htajWnr0G
https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta=
https://ms-onedrive-updater$i.com/api/getFile?fn=
https://contoso.com/License
https://ms-onedrive-updater$s.com$ap
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaaLMEMp
http://nuget.org/NuGet.exe
https://aka.ms/pscore6lB
https://ms-onedrive-updater1.com/_
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htack
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htahttps://ms-onedrive-updater1.com/api/getFile?f
https://ms-onedrive-updater$i.com/api/getFile?fn=bz
https://contoso.com/
https://nuget.org/nuget.exe
https://oneget.orgX
https://ms-onedrive-updater$i.com/api/getFile?fn=bz.hta
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaLMEMp
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaC:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta...%RI
https://ms-onedrive-updater1.com/api/getFile?fn=bz.htaHistory.IE5nt
http://195.82.147.48
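The URL list above is raw memory-string output, so it needs triage before it becomes a detection: entries such as `.../getFile?fn=bz.htaXR` or `.../bz.htaUsers` are the real `/api/getFile?fn=bz.hta` string with trailing heap bytes, and the Pester, NuGet/OneGet, contoso.com, schemas.xmlsoap.org, aka.ms/pscore6 and crl.microsoft entries are ordinary PowerShell module strings rather than attacker infrastructure. The durable indicators are the domain ms-onedrive-updater1.com (104.21.112.1 is Cloudflare edge space, so the IP alone is a weak block), the two direct-IP zip downloads, the `/api/connect?hwid=...&buildId=bz&os=...` check-in pattern and the file hashes. The following Python is an added example written for this page, not Joe Sandbox code or part of the report: it folds those indicators into path-prefix rules, scans a constructed proxy log, pulls the beacon fields out of the check-in URL and checks a byte string against the report's hashes. The log format and the four log lines are invented for the example.

```python
"""IOC matcher for the sample above (ms-onedrive-updater1.com / 195.82.147.48).

Indicators are copied from the report's Details, IPs, Domains and URLs tables.
The proxy log format and the log lines at the bottom are constructed.
"""
import hashlib
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# --- indicators from the report ---------------------------------------------
IOC_DOMAINS = {"ms-onedrive-updater1.com"}
# 195.82.147.81 appears only in the URL list, not the IP table; included anyway.
IOC_IPS = {"104.21.112.1", "195.82.147.48", "195.82.147.81"}
# Match on path prefix, not full URL: many listed URLs are memory-string
# overruns such as "/api/getFile?fn=bz.htaXR" that never hit the wire verbatim.
IOC_API_PREFIXES = ("/api/connect", "/api/getUpdates", "/api/getFile")
IOC_ZIP_PATHS = {
    "/ab0001/0313/bdvnc/chairintroductory.zip",
    "/body/040125-bdd/sourceprospect.zip",
}
IOC_HASHES = {
    "md5": "d505bf12cc3faa562c9faa32d4deeb03",
    "sha1": "41b00141be1baf9761f82713ee835d4ee1d13581",
    "sha256": "63dd95de6834cc79ee57ce8060b624d6b3baa6456330e7b5c3634e866764277c",
}


def classify_url(url: str) -> Optional[str]:
    """Label a URL by which report indicator it matches, or None if clean."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host in IOC_DOMAINS:
        return "c2-api" if parts.path.startswith(IOC_API_PREFIXES) else "c2-domain"
    if host in IOC_IPS:
        return "stage-download" if parts.path in IOC_ZIP_PATHS else "c2-ip"
    return None


def parse_beacon(url: str) -> Optional[dict]:
    """Extract hwid/buildId/os from an /api/connect check-in, else None."""
    parts = urlsplit(url)
    if parts.path != "/api/connect":
        return None
    query = parse_qs(parts.query)
    return {k: query.get(k, [""])[0] for k in ("hwid", "buildId", "os")}


def matches_sample(data: bytes) -> bool:
    """True only if the bytes hash to the report's MD5, SHA1 and SHA256."""
    return all(
        hashlib.new(alg, data).hexdigest() == digest
        for alg, digest in IOC_HASHES.items()
    )


# Simplified proxy log format (constructed): "<ts> <client> <method> <url> <status>"
LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d{3})$")


def scan_log(lines):
    """Return one hit dict per log line whose URL matches a report indicator."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        ts, client, method, url, status = m.groups()
        label = classify_url(url)
        if label is None:
            continue
        hits.append({
            "ts": ts, "client": client, "method": method, "url": url,
            "status": int(status), "label": label, "beacon": parse_beacon(url),
        })
    return hits


# Constructed sample log: one host doing the check-in / payload fetch / zip
# download sequence, plus a clean host fetching a benign URL from the list.
SAMPLE_LOG = [
    "2025-04-07T18:45:10Z 10.0.0.17 GET https://ms-onedrive-updater1.com/api/connect?hwid=AD0C2ACF47A280BB36FA3A5E07A6C130&buildId=bz&os=Windows%2010%20x64 200",
    "2025-04-07T18:45:11Z 10.0.0.17 GET https://ms-onedrive-updater1.com/api/getFile?fn=bz.hta 200",
    "2025-04-07T18:45:14Z 10.0.0.17 GET http://195.82.147.48/ab0001/0313/bdvnc/chairintroductory.zip 200",
    "2025-04-07T18:46:02Z 10.0.0.23 GET http://www.apache.org/licenses/LICENSE-2.0 200",
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit["ts"], hit["client"], hit["label"], hit["url"])
        if hit["beacon"]:
            print("   beacon:", hit["beacon"])
```

The `hwid` value is the same in every check-in the sandbox recorded, so it identifies the victim machine rather than the campaign; pivot on the domain, the `buildId=bz` tag and the zip paths when hunting across hosts, and treat any `/api/getFile?fn=` hit as a payload fetch regardless of what follows the filename.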

Dropped files

No malicious files found. See full and IOC report for all dropped files.