Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search
Register Login
sloganpng
flash

love.exe

Status: finished
Submission Time: 2022-06-23 18:18:08 +02:00
Malicious
Trojan
Spyware
Evader
AgentTesla

Comments

Tags

  • exe

Details

  • Analysis ID:
    651266
  • API (Web) ID:
    1018770
  • Analysis Started:
    2022-06-23 18:18:09 +02:00
  • Analysis Finished:
    2022-06-23 18:30:04 +02:00
  • MD5:
    f3c4ce7dd49e5728b3dd941ef7e95313
  • SHA1:
    2c833a4195815f3fdeddc7996e10b17fc2abb3e8
  • SHA256:
    139da5e39dff492d6163311fdcba5daaf916877cc8575e120ffba9b2bda65536
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

malicious

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
100/100

malicious
21/66

malicious
13/41

IPs

IP Country Detection
162.240.68.177
 United States
149.154.167.220
 United Kingdom
151.101.65.69
 United States
Click to see the 3 hidden entries
151.101.193.69
 United States
151.101.129.69
 United States
151.101.1.69
 United States

Domains

Name IP Detection
stackoverflow.com
 151.101.193.69
api.telegram.org
 149.154.167.220
kolim.tk
 162.240.68.177

URLs

Name Detection
http://www.carterandcone.coml
http://www.fonts.com
http://www.sandoll.co.kr
Click to see the 47 hidden entries
http://www.urwpp.deDPlease
http://www.zhongyicts.com.cn
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
http://www.sakkal.com
http://www.apache.org/licenses/LICENSE-2.0
http://www.fontbureau.com
https://api.telegram.org/bot5310370668:AAEdB2nfvvFj53YoaxJ-AleA2m93WUxxyM0/sendDocumentdocument-----
https://stackoverflow.com/q/14436606/23354
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.ziphttps://www
https://github.com/mgravell/protobuf-net
http://www.galapagosdesign.com/DPlease
http://www.fontbureau.com/designers/cabarga.htmlN
http://www.founder.com.cn/cn
http://YWkHBx.com
http://www.fontbureau.com/designers/frere-jones.html
https://zw7GRnzerS8zhijeZhLI.org
https://api.telegram.org/bot5310370668:AAEdB2nfvvFj53YoaxJ-AleA2m93WUxxyM0/sendDocument
https://stackoverflow.com/q/2152978/23354
http://www.jiyu-kobo.co.jp/
http://www.fontbureau.com/designers8
https://kolim.tk/love_Wvkjhzse.pngSDnppmojgavldoappabt.Egcapxbcwuzzqnfkwwpyg
http://api.telegram.org
http://www.sajatypeworks.com
http://www.fontbureau.com/designersG
https://kolim.tk/love_Wvkjhzse.png
http://www.fontbureau.com/designers/?
http://www.founder.com.cn/cn/bThe
https://api.telegram.org
https://github.com/mgravell/protobuf-netJ
https://api.telegram.org/bot5310370668:AAEdB2nfvvFj53YoaxJ-AleA2m93WUxxyM0/
http://www.fontbureau.com/designers?
http://www.microsoft.co
http://www.tiro.com
http://www.fontbureau.com/designers
http://www.goodfont.co.kr
http://127.0.0.1:HTTP/1.1
http://www.typography.netD
http://www.founder.com.cn/cn/cThe
http://www.galapagosdesign.com/staff/dennis.htm
http://fontfabrik.com
https://api.telegram.org4
https://github.com/mgravell/protobuf-neti
http://crl.veris
https://kolim.tk
https://stackoverflow.com/q/11564914/23354;
http://DynDns.comDynDNSnamejidpasswordPsi/Psi
http://en.wk5b

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\love.exe.log
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Roaming\Mgfknof\Grjwvl.exe:Zone.Identifier
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Roaming\Mgfknof\Grjwvl.exe
 PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
 #
Click to see the 25 hidden entries
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\7e696cb3-0cfd-4f21-ab53-c71d1e437ea4.up_meta
 data
 #
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Grjwvl.exe.log
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\0c319fcd-164f-43f5-b568-bddd202ba12d.acb309b0-acb2-458c-b26d-efdacdb577f4.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\ec96012e-13df-4743-afab-8633c6def4a4.up_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\ec96012e-13df-4743-afab-8633c6def4a4.1816c152-22b6-479b-9224-4bb133e865b6.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\cf6606b1-caf4-4a34-809c-4ea9b905a23f.down_data
 JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2021:08:05 13:42:25]
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\cf6606b1-caf4-4a34-809c-4ea9b905a23f.cf472a07-1571-440b-ba5b-5d9bc392dca1.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\c3408038-693e-4317-9a77-dcdd2bc66326.down_data
 JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2021:08:05 13:40:50]
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\c3408038-693e-4317-9a77-dcdd2bc66326.697aebbe-a821-43f2-a21c-ef6616216e51.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\a849727c-2c4c-4332-bbdc-bc91897b6e49.down_data
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1080x1920, frames 3
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\a849727c-2c4c-4332-bbdc-bc91897b6e49.acb309b0-acb2-458c-b26d-efdacdb577f4.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\989c555b-4bd2-4b2a-899f-852684d8d727.fbbbb2e4-b451-44f5-a8b9-b8f8907b6cc3.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\989c555b-4bd2-4b2a-899f-852684d8d727.down_data
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x1080, frames 3
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\0c319fcd-164f-43f5-b568-bddd202ba12d.up_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\7e696cb3-0cfd-4f21-ab53-c71d1e437ea4.cf472a07-1571-440b-ba5b-5d9bc392dca1.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\6486abc6-524b-40c1-9f00-142b9ef8a300.up_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\6486abc6-524b-40c1-9f00-142b9ef8a300.1434b2ac-40d2-4c42-ad75-b6336bbaea77.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\430a4b29-2651-477a-902b-258ae5794d94.up_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\430a4b29-2651-477a-902b-258ae5794d94.fbbbb2e4-b451-44f5-a8b9-b8f8907b6cc3.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\2232075c-2080-423f-a051-232211108210.down_data
 JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2022:03:02 13:23:15]
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\2232075c-2080-423f-a051-232211108210.1434b2ac-40d2-4c42-ad75-b6336bbaea77.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\17853855-43d6-470c-896b-304a6b88afff.down_data
 JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2022:03:02 13:22:10]
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\17853855-43d6-470c-896b-304a6b88afff.1816c152-22b6-479b-9224-4bb133e865b6.down_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\1202cf45-361f-4e06-9984-df08f0b19094.up_meta
 data
 #
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\AC\BackgroundTransferApi\1202cf45-361f-4e06-9984-df08f0b19094.697aebbe-a821-43f2-a21c-ef6616216e51.down_meta
 data
 #