
AM PROJECT PDF.exe

Status: finished
Submission Time: 2022-09-23 07:55:15 +02:00
Malicious
Trojan
Spyware
Evader
FormBook

Tags

  • exe

Details

  • Analysis ID:
    708243
  • API (Web) ID:
    1075701
  • Analysis Started:
    2022-09-23 07:59:00 +02:00
  • Analysis Finished:
    2022-09-23 08:09:27 +02:00
  • MD5:
    05069262cd099b2e37afb5afe629d12d
  • SHA1:
    5abfb565897213b0f747fa1843822e4b8b201f7d
  • SHA256:
    ba162d7df1cd1beb851a29a69054491959d8ee6ad27f18b3e9dc57a3f6df1122
  • Technologies:

Verdict: malicious

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict     Score
malicious   100/100
malicious   8/18
malicious   20/26

IPs

IP                 Country          Detection
162.241.194.111    United States
34.102.136.180     United States

Domains

Name                 IP                 Detection
fellyhub.com         162.241.194.111
www.fellyhub.com     0.0.0.0
www.soraligne.com    0.0.0.0
soraligne.com        34.102.136.180

URLs

Name Detection
http://www.fellyhub.com/rdny/?7n-=6lYX&A0G=dZ8Ayr2drPdNVPVmuvzgGnZ5EDtn0CBwsWjIF75G8uy0K/UwgFE8TCCkfo+4feZhoJ7iWr04K24a/vrIrcJXcRwwE/YP1kXGBw==
www.texasfirsthonda.com/rdny/
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
http://www.fellyhub.com/bbs
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=5
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=2
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=1
http://www.fellyhub.com/bbs/gallery.php
http://www.soraligne.com/rdny/?A0G=nirRoMghSnbgIhB91EMNSfP7/7ht0QeVg0GeLwyPWvopBgzqt2G+p533L6eaW6GeyJy3z9ND4nEybKooy0llY69rAo//5MT1xA==&7n-=6lYX
http://www.fellyhub.com/bbs/login_check.php
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=6
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
http://www.fellyhub.com/theme/tailwind0.3/js/swiper.min.css?ver=220620
http://www.fellyhub.com/js/jquery-migrate-1.4.1.min.js?ver=220620
http://www.fellyhub.com/theme/tailwind0.3/js/common.js?ver=220620
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
http://www.fellyhub.com/js/wrest.js?ver=220620
http://www.fellyhub.com/theme/tailwind0.3/js/jquery.menu.js?ver=220620
http://www.fontbureau.com
http://www.apache.org/licenses/LICENSE-2.0
http://www.fellyhub.com/bbs/register.php
http://www.fellyhub.com/theme/tailwind0.3/img/main_bn.jpg
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
http://www.fellyhub.com/theme/tailwind0.3/css/balloon.css?ver=220620
http://www.fellyhub.com/theme/tailwind0.3/css/dark.css?ver=220620
http://www.fontbureau.com/designers8
http://www.fellyhub.com/theme/tailwind0.3/skin/latest/pic_list/style.css?ver=220620
http://www.jiyu-kobo.co.jp/
http://github.com/CJxD/CoreView
http://www.fellyhub.com/bbs/content.php?co_id=provision
http://www.fontbureau.com/designers/frere-jones.html
http://www.fellyhub.com/theme/tailwind0.3/js/sweetalert2.min.js?ver=220620
http://www.founder.com.cn/cn
http://www.fellyhub.com/theme/tailwind0.3
http://www.fontbureau.com/designers/cabarga.htmlN
https://search.yahoo.com?fr=crmas_sfp
https://ac.ecosia.org/autocomplete?q=
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=4
http://www.fellyhub.com/bbs/board.php?bo_table=photo&wr_id=3
http://www.carterandcone.coml
http://www.fellyhub.com/theme/tailwind0.3/js/swiper.min.js?ver=220620
http://vlovemeiwonv.cafe24.com/js/jquery-1.12.4.min.js?ver=191202
http://www.fellyhub.com/js/jquery-1.12.4.min.js?ver=220620
http://www.fellyhub.com/bbs/free.php
https://use.fontawesome.com/releases/v5.3.1/css/all.css
http://www.goodfont.co.kr
http://www.fellyhub.com/bbs/content.php?co_id=privacy
http://www.fontbureau.com/designers
http://www.tiro.com
https://search.yahoo.com?fr=crmas_sfpf
http://www.soraligne.com/rdny/
http://www.sajatypeworks.com
http://www.fontbureau.com/designers?
http://www.founder.com.cn/cn/bThe
http://www.fontbureau.com/designers/?
http://www.fellyhub.com/js/html5.js
https://duckduckgo.com/ac/?q=
http://www.fellyhub.com/bbs/notice.php
http://www.fontbureau.com/designersG
https://duckduckgo.com/chrome_newtab
http://www.fellyhub.com/plugin/pwa/images/icons/icon-72x72.png
http://www.fellyhub.com/theme/tailwind0.3/css/tailwind.min.css?ver=220620
http://www.fellyhub.com/js/common.js?ver=220620
http://www.fellyhub.com/bbs/content.php?co_id=company
http://www.sakkal.com
http://www.fellyhub.com/js/placeholders.min.js?ver=220620
http://www.zhongyicts.com.cn
http://www.urwpp.deDPlease
http://www.fellyhub.com/bbs/board.php?bo_table=photo
http://www.sandoll.co.kr
http://www.fonts.com
http://www.fellyhub.com/bbs/password_lost.php
http://vlovemeiwonv.cafe24.com/js/jquery-migrate-1.4.1.min.js?ver=191202
http://www.galapagosdesign.com/DPlease
http://www.fellyhub.com
http://fontfabrik.com
http://www.galapagosdesign.com/staff/dennis.htm
http://www.founder.com.cn/cn/cThe
http://www.fellyhub.com/bbs/qa.php
http://www.typography.netD

Dropped files

  • Name:
    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AM PROJECT PDF.exe.log
    File Type:
    ASCII text, with CRLF line terminators
  • Name:
    C:\Users\user\AppData\Local\Temp\262I-Au
    File Type:
    SQLite 3.x database, last written using SQLite version 3038005