Register Login

sloganpng

top title background image

itVg5XA6eK.exe

Status: finished

Submission Time: 2022-11-24 19:41:08 +01:00

Malicious

Trojan

Adware

Spyware

Evader

njRat

Comments

Tags

Details

Analysis ID:
753416
API (Web) ID:
1120699
Analysis Started:

2022-11-24 19:41:09 +01:00
Analysis Finished:

2022-11-24 19:47:28 +01:00
MD5:
8533ef6f79e259e9e5fe7c28f1fcd372
SHA1:
48c1f9b2a798a374b6e8c2e5fb655c19e5fa2ed3
SHA256:
bbc8cabc1ba4f81d1ee316d3869ed8e61c91840cb533abee708a3099ab196470
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 55/72

malicious

Score: 26/26

malicious

malicious

IPs

IP	Country	Detection
41.109.68.239	Algeria

Domains

Name	IP	Detection
h43vipforyou.ddns.net	41.109.68.239

URLs

Name	Detection
h43vipforyou.ddns.net

Dropped files

Name	File Type	Hashes	Detection
C:\ProgramData\rejdit_free_fire.exe	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows	#
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\itVg5XA6eK.exe.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\869b16e2825dce24066aba38ee1a9add.exe	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows	#
Click to see the 2 hidden entries
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\rejdit_free_fire.exe.log	ASCII text, with CRLF line terminators	#
\Device\ConDrv	ASCII text, with CRLF line terminators	#