xsh.exe

Status: finished

Submission Time: 2025-04-11 09:18:17 +02:00

Malicious

Comments

Details

Analysis ID:
1662890
API (Web) ID:
1662890
Analysis Started:

2025-04-11 09:24:34 +02:00
Analysis Finished:

2025-04-11 09:28:51 +02:00
MD5:
e807d13da45da4fc38a9a0e78c5bc84d
SHA1:
e30e0ea8043e126f7da811936a754aad7584ebae
SHA256:
b03874e8de30fea7fa6361a319b61ee9ffa3399bdca1a4d98ea9dabeaa53af0e
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 48	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 10/72

malicious

Score: 7/36

URLs

Name	Detection
http://www.hqshixian.com/jlmt/snycOrder.do
https://api.hqshixian.com/docking/platform/orderDetail
https://waimaiopen.meituan.com/api/v1/retailCat/list
Click to see the 32 hidden entries
http://www.hqshixian.com/jlmt/shopInfo.do
https://waimaiopen.meituan.com/api/v1/retail/sellStatus
https://waimaiopen.meituan.com/api/v1/retail/updateAppFoodCodeByNameAndSpec
https://api.hqshixian.com/docking/platform/orderDeliveryhqSend
http://101.126.11.168/xsh/update.exe
http://www.hqshixian.com//jlmt/toUpdateMtwmPeisongStatus.do
https://waimaiopen.meituan.com/api/v1/shipping/list
https://waimaiopen.meituan.com/api/v1/poi/mget
https://waimaiopen.meituan.com/api/v1/retail/sku/save
https://waimaiopen.meituan.com/api/v1/retail/sku/priceCommand34Check1:
http://www.hqshixian.com//jlmt/cancelMtSendByOrderId.doLabel108
http://www.hqshixian.com/jlmt/clearRule.do
http://www.hqshixian.com/eb/cancelMtSendByOrderId.do
https://waimaiopen.meituan.com/api/v1/shipping/delete$app_shipping_code=
https://api.hqshixian.com/docking/platform/eborderDetail
https://waimaiopen.meituan.com/api/v1/retail/sku/price
http://www.hqshixian.com//jlmt/cancelMtSendByOrderId.do
http://www.hqshixian.com/eb/MT2EBUpdateArea.do
https://waimaiopen.meituan.com/api/v1/shipping/batchsave
https://api.hqshixian.com/docking/platform/orderBill
https://waimaiopen.meituan.com/api/v1/retail/list
https://waimaiopen.meituan.com/api/v1/retail/sellStatusl
https://waimaiopen.meituan.com/api/v1/retail/batchinitdata
http://p0.meituan.net/scproduct/59db334080662bf7e910d8289c19d8e431297.jpg
https://api.hqshixian.com/docking/platform/refundorderDetail
http://p1.meituan.net/scproduct/8348fec1a041b4b5b801b63
http://www.hqshixian.com/eb/toUpdateEbPeisongStatus.do
https://waimaiopen.meituan.com
https://waimaiopen.meituan.com/api/v1/shipping/delete
http://p1.meituan.net/scproduct/8348fec1a041b4b5b801b63536169b71124808.jpg.
https://api.hqshixian.com/admin/system/meituan/api
http://p1.meituan.net/scproduct/8348fec1a041b4b5b801b63536169b71124808.jpg

Dropped files

No malicious files found. See full and IOC report for all dropped files.

Deep Malware Analysis

xsh.exe

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

URLs

Dropped files

Deep Malware Analysis

xsh.exe Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

URLs

Dropped files

Search started

xsh.exe