SGTool.exe

Status: finished

Submission Time: 2020-10-15 08:34:51 +02:00

Clean

Comments

Details

Analysis ID:
298446
API (Web) ID:
492000
Analysis Started:

2020-10-15 08:34:53 +02:00
Analysis Finished:

2020-10-15 08:46:58 +02:00
MD5:
6fe234a8d0ca5074b31e82d25cbee369
SHA1:
fbc1520af613eadf8da6fd5b4b132d069ca67ae5
SHA256:
b91408bf2ec3913cb3c3b75d92f68d6524959cf43fee2d4c72d8805d50b97998
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	clean Score: 4	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
	Full Report Management Report IOC Report	clean Score: 1	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 Run Condition: Cmdline fuzzy

URLs

Name	Detection
http://pinyin.sogou.com/skins
http://config.pinyin.sogou.com/api/indexshare/http://config.pinyin.sogou.com/api/medalshare/http://c
http://pinyin.sogou.com/proxy/inputclient?t=help&p=terms&f=aboutsQ
Click to see the 97 hidden entries
http://pinyin.sogou.com/bbs/forum.php?mod=forumdisplay&fid=8
http://pinyin.sogou.com/bbs/?gid=3
http://pinyin.sogou.com
http://www.sczh.comhttp://tieba.baidu.com/f?kw=%CA%AB%B4%CA&fr=ala0
http://ime.sogou.com/pyup.gif?&qtip=1&qtipn=%d
http://www.symauth.com/rpa00
http://pinyin.sogou.com/proxy/inputclient?t=bbs&f=youjian
http://pinyin.sogou.com/proxy/inputclient?t=help&f=shuxinghttp://pinyin.sogou.com/proxy/inputclient?
http://10.11.207.131/test/wangfeng/typewriting6.6/charpainting.php
http://pinyin.sogou.com/proxy/inputclient?t=advice&f=youjian%ld
http://luoj.pinyin.sogou.com/imebox/poem_index.htmlhttp://config.pinyin.sogou.com/richinputapp.gifLo
http://www.sosyao.comhttp://www.cmt.com.cnhttp://www.nmec.org.cnhttp://www.medkaoyan.nethttp://www.m
http://pinyin.sogou.com/user/?f=imehttp://pinyin.sogou.com/help.php?list=11%26q=1%26f=imehttp://piny
http://pinyin.sogou.com/proxy/inputclient?t=sogou&f=youjian
http://get.sogou.com/q&p=&u=&v=k=&g=Resource.dllSb_
http://config.pinyin.sogou.com/api/app90/left.phpsQ
http://pinyin.sogou.com/user/signup.php?f=imehttp://pinyin.sogou.com/proxy/inputclient?t=recover
http://www.symauth.com/cps0(
http://dnf.qq.comhttp://dnf.17173.comhttp://dnf.52pk.comhttp://dnf.uuu9.comhttp://tieba.baidu.com/f?
http://api.pinyin.sogou.com/v1/individual/config?&b_ver=&m_ver=&i_o_count=&i_o_size=&p_o_count=&p_o_
http://game.sohu.com10441022relaxgame
http://pinyin.sogou.com/feedback.html?sgrepair=1$
http://ping.pinyin.sogou.com/config.giftotals%d%s_%d_%d
http://popkart.tiancity.comhttp://popkart.17173.comhttp://wangyou.pcgames.com.cn/zhuanti/popkarthttp
http://pinyin.sogou.comW
http://10.11.207.131/test/wangfeng/typewriting6.6/mathunit.phpspenumhttp://10.11.207.131/test/wangfe
http://ping.pinyin.sogou.com/useskin.gifhttp://ping.pinyin.sogou.com/updateskin.gifhttp://dl.pinyin.
http://xyq.163.comhttp://xyq.17173.comhttp://xyq.yezizhu.comhttp://xyq.netease.comhttp://tieba.baidu
http://pinyin.sogou.com/skins/?f=youjian
http://pinyin.sogou.com/user/signup.php?f=ime
http://ping.pinyin.sogou.com/companybox.gif?
http://sogou.com%s?first=%s&show=%d&allow=%d&check=%d&mgr=%d&exclude=%dpinyinup.exeImeHinthttp://pin
http://ping.pinyin.sogou.com/medal.gifentrygtallclkseclksmtclkswpclk
http://info.pinyin.sogou.com/bubble/getconf.php?id=0
http://pinyin.sogou.com/proxy/inputclient?t=official&f=youjian
http://ping.pinyin.sogou.com/imechecksig2.gifri
http://info.pinyin.sogou.com/bubble/getconf.php?id=1
http://pst.ping.pinyin.sogou.com/wifiinfo.gif
http://pinyin.sogou.com/help.php?p=celldict&f=xiangdaohttp://pinyin.sogou.com/dict/index.php?f=xiang
http://info.pinyin.sogou.com/bubble/getconf.php?id=3
http://info.pinyin.sogou.com/bubble/getconf.php?id=4
http://info.pinyin.sogou.com/bubble/getconf.php?id=5
http://vip.sohu.com1035rpggameRPG8n
http://www.hxlsw.comhttp://www.wenbao.nethttp://www.zglsrw.cnhttp://history.huanqiu.comhttp://tieba.
http://pinyin.sogou.com/proxy/inputclient?t=official&p=shareskin&md5=&f=&skin_id=versionReg
http://pinyin.sogou.com/proxy/inputclient?t=help&f=youjian.
http://api.pinyin.sogou.com/v1/config/netswitch_pcnetswitchhttp://ping.pinyin.sogou.com/lotus_netswi
http://10.11.207.131/test/wangfeng/typewriting6.6/punctuation.phpnumsympeW
http://xy2.163.comhttp://xy3.163.comhttp://xy.17173.comhttp://xy3.17173.comhttp://xy2.netease.comhtt
http://s.sogou.com1021music
http://profile.pinyin.sogou.com/
http://au.9you.comhttp://au.52pk.comhttp://ddr.17173.comhttp://jw2.9you.comhttp://tieba.baidu.com/f?
http://%s?uid=%sconfig.pinyin.sogou.com/api/user/nickname.phpCookie:http://ping.pinyin.sogou.com/ATI
http://ping.pinyin.sogou.com/help.gif
http://config.pinyin.sogou.com/skins/rand.ssf
http://ping.pinyin.sogou.com/big5stat.gif?&big5shortcut=%d&swtichtoBig5=%dSogouIMEMiniSetup_Sgbig5
http://www.co188.comhttp://www.sjzu.edu.cnhttp://www.xauat.edu.cn/jdzy-N;S-No
http://pinyin.sogou.com/proxy/inputclient?t=feedback&p=appbox&f=appboxhttp://pinyin.sogou.com/proxy/
http://ping.pinyin.sogou.com/pyrepair.gif?&sgrepair=1&SgRpr_OpProc=%d&SgRpr_OpRlt=%d&sgrepair=1&SgRp
http://config.pinyin.sogou.com/api/commshare/uploadPic.phphttp://pinyin.sogou.com/skins/sharecomm.ph
http://pinyin.sogou.com/proxy/popup.php?url=http%3A%2F%2Fwww.ifont.cn%2F%3Fsrc%3Dsogou&r=clientIl
http://pinyin.sogou.com/skins/ime_updateavatar.phphttp://pinyin.sogou.com/passport/ime_updateavatar6
http://pinyin.sogou.com/proxy/inputclient?t=feedback&addon=AnnexVersion:
http://config.pinyin.sogou.com/skins/skinAd.php
http://config.pinyin.sogou.com/api/qqfastlogin/single_login3.phpSgImeUniqueApphttp://config.pinyin.s
http://ping.pinyin.sogou.com/skinuse_pop_font.giffn
http://www.wowchina.comhttp://wow.17173.comhttp://www.wowar.comhttp://www.worldofwarcraft.comhttp://
http://pinyin.sogou.com/biaoqing.php?f=biaoqing
http://luoj.pinyin.sogou.com/imebox/sogoucool.htmlpoem8
http://pinyin.sogou.com/skins/
http://bbs.17173.com1013vipvip
http://pinyin.sogou.com/skins/ime_setupwizard.php?version=%s%08d%06d
http://ime.sogou.com/up.giffaildlvhttp://ime.sogou.com/version.txt
http://w2i.wanmei.comhttp://bbs.w2i.wanmei.comhttp://w2i.17173.comhttp://bbs.17173.com/list.php?id=3
http://dl.pinyin.sogou.com/components/packages/SogouFlash_1.0.0.48.scpf
http://config.pinyin.sogou.com/skins/skin_bubble.phpZO
http://ping.pinyin.sogou.com/individual.gif?&usr=
http://config.pinyin.sogou.com/skins/getskinmd5.phpSogouIMEMiniSetup_skinrecommend&listid=&id=idoldi
http://config.pinyin.sogou.com/skins/download.php?SkinReg.exe-install
http://ping.pinyin.sogou.com/stat.gif?kw1=&kw2=&kw3=&pl1=&pl2=&pl3=
http://info.pinyin.sogou.com/bubble/getconf.php?id=2popupendhtmlsizeerrinstallinstallfaildownloadfai
http://api.pinyin.sogou.com/rpa?&type=0
http://game.sohu.com/index2.htm$
http://get.sogou.com/q
http://st.pinyin.sogou.com/st/list2.phpver2domainsSpeedTest/0.4/st/st.php?time=%dOKSpeedReport/0.4st
http://pinyin.sogou.com/zifuhua.php?rinw=1qQ~b0R
http://ping.pinyin.sogou.com/signcheck.gif%d
http://config.pinyin.sogou.com/api/app/ini/update.inihttp://ping.pinyin.sogou.com/appbox.gifhttp://p
http://www.hanyi.com.cnBrandScdConfig.downloadid%dBrandScdConfig.iniscdicond
http://ping.pinyin.sogou.com/skinlistup.gifhttp://ping.pinyin.sogou.com/skinlistuse.gifhttp://config
http://curl.haxx.se/rfc/cookie_spec.html
http://sports.sohu.com/nba.shtmlhttp://sports.qq.com/nbahttp://sports.sina.com.cn/nba
http://psg.pinyin.sogou.com/psgusage.phpproduct0
http://pinyin.sogou.com/help.php?list=11&q=1jsp/personalcenter/pcmerge.jspjsp/personalcenter/pcupdow
http://xiaonei.chinaren.com1010say
http://config.pinyin.sogou.com/components/time.php?usr=SetLoginMain::UpdateContinueLoginDays::GetPCC
http://pp.sohu.com/1001club

Dropped files

No malicious files found. See full and IOC report for all dropped files.

Deep Malware Analysis

SGTool.exe

Comments

Tags

Available tags:

Details

Joe Sandbox

URLs

Dropped files

Deep Malware Analysis

SGTool.exe Options

Comments

Tags

Available tags:

Details

Joe Sandbox

URLs

Dropped files

Search started

SGTool.exe