AM PROJECT PDF.exe

Status: finished

Submission Time: 2022-09-23 07:55:15 +02:00

Malicious

Trojan

Spyware

Evader

FormBook

Comments

Details

Analysis ID:
708243
API (Web) ID:
1075701
Analysis Started:

2022-09-23 07:59:00 +02:00
Analysis Finished:

2022-09-23 08:09:27 +02:00
MD5:
05069262cd099b2e37afb5afe629d12d
SHA1:
5abfb565897213b0f747fa1843822e4b8b201f7d
SHA256:
ba162d7df1cd1beb851a29a69054491959d8ee6ad27f18b3e9dc57a3f6df1122
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 8/18

malicious

Score: 20/26

IPs

IP	Country	Detection
162.241.194.111	United States
34.102.136.180	United States

Domains

Name	IP	Detection
fellyhub.com	162.241.194.111
www.fellyhub.com	0.0.0.0
www.soraligne.com	0.0.0.0
Click to see the 1 hidden entries
soraligne.com	34.102.136.180

URLs

Name	Detection
http://www.fellyhub.com/rdny/?7n-=6lYX&A0G=dZ8Ayr2drPdNVPVmuvzgGnZ5EDtn0CBwsWjIF75G8uy0K/UwgFE8TCCkfo+4feZhoJ7iWr04K24a/vrIrcJXcRwwE/YP1kXGBw==
www.texasfirsthonda.com/rdny/
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
Click to see the 78 hidden entries
http://www.fellyhub.com/bbs
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=5
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=2
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=1
http://www.fellyhub.com/bbs/gallery.php
http://www.soraligne.com/rdny/?A0G=nirRoMghSnbgIhB91EMNSfP7/7ht0QeVg0GeLwyPWvopBgzqt2G+p533L6eaW6GeyJy3z9ND4nEybKooy0llY69rAo//5MT1xA==&7n-=6lYX
http://www.fellyhub.com/bbs/login_check.php
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=6
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
http://www.fellyhub.com/theme/tailwind0.3/js/swiper.min.css?ver=220620
http://www.fellyhub.com/js/jquery-migrate-1.4.1.min.js?ver=220620
http://www.fellyhub.com/theme/tailwind0.3/js/common.js?ver=220620
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
http://www.fellyhub.com/js/wrest.js?ver=220620
http://www.fellyhub.com/theme/tailwind0.3/js/jquery.menu.js?ver=220620
http://www.fontbureau.com
http://www.apache.org/licenses/LICENSE-2.0
http://www.fellyhub.com/bbs/register.php
http://www.fellyhub.com/theme/tailwind0.3/img/main_bn.jpg
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
http://www.fellyhub.com/theme/tailwind0.3/css/balloon.css?ver=220620
http://www.fellyhub.com/theme/tailwind0.3/css/dark.css?ver=220620
http://www.fontbureau.com/designers8
http://www.fellyhub.com/theme/tailwind0.3/skin/latest/pic_list/style.css?ver=220620
http://www.jiyu-kobo.co.jp/
http://github.com/CJxD/CoreView
http://www.fellyhub.com/bbs/content.php?co_id=provision
http://www.fontbureau.com/designers/frere-jones.html
http://www.fellyhub.com/theme/tailwind0.3/js/sweetalert2.min.js?ver=220620
http://www.founder.com.cn/cn
http://www.fellyhub.com/theme/tailwind0.3
http://www.fontbureau.com/designers/cabarga.htmlN
https://search.yahoo.com?fr=crmas_sfp
https://ac.ecosia.org/autocomplete?q=
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=4
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=3
http://www.carterandcone.coml
http://www.fellyhub.com/theme/tailwind0.3/js/swiper.min.js?ver=220620
http://vlovemeiwonv.cafe24.com/js/jquery-1.12.4.min.js?ver=191202
http://www.fellyhub.com/js/jquery-1.12.4.min.js?ver=220620
http://www.fellyhub.com/bbs/free.php
https://use.fontawesome.com/releases/v5.3.1/css/all.css
http://www.goodfont.co.kr
http://www.fellyhub.com/bbs/content.php?co_id=privacy
http://www.fontbureau.com/designers
http://www.tiro.com
https://search.yahoo.com?fr=crmas_sfpf
http://www.soraligne.com/rdny/
http://www.sajatypeworks.com
http://www.fontbureau.com/designers?
http://www.founder.com.cn/cn/bThe
http://www.fontbureau.com/designers/?
http://www.fellyhub.com/js/html5.js
https://duckduckgo.com/ac/?q=
http://www.fellyhub.com/bbs/notice.php
http://www.fontbureau.com/designersG
https://duckduckgo.com/chrome_newtab
http://www.fellyhub.com/plugin/pwa/images/icons/icon-72x72.png
http://www.fellyhub.com/theme/tailwind0.3/css/tailwind.min.css?ver=220620
http://www.fellyhub.com/js/common.js?ver=220620
http://www.fellyhub.com/bbs/content.php?co_id=company
http://www.sakkal.com
http://www.fellyhub.com/js/placeholders.min.js?ver=220620
http://www.zhongyicts.com.cn
http://www.urwpp.deDPlease
http://www.fellyhub.com/bbs/board.php?bo_table=photo
http://www.sandoll.co.kr
http://www.fonts.com
http://www.fellyhub.com/bbs/password_lost.php
http://vlovemeiwonv.cafe24.com/js/jquery-migrate-1.4.1.min.js?ver=191202
http://www.galapagosdesign.com/DPlease
http://www.fellyhub.com
http://fontfabrik.com
http://www.galapagosdesign.com/staff/dennis.htm
http://www.founder.com.cn/cn/cThe
http://www.fellyhub.com/bbs/qa.php
http://www.typography.netD

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AM PROJECT PDF.exe.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\262I-Au	SQLite 3.x database, last written using SQLite version 3038005	#

AM PROJECT PDF.exe

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

AM PROJECT PDF.exe Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

AM PROJECT PDF.exe