HHGHJJUILn.exe

Status: finished
Submission Time: 2022-12-09 10:56:09 +01:00
Malicious
Trojan
Spyware
Evader
DarkCloud

Tags

  • exe

Details

  • Analysis ID:
    764040
  • API (Web) ID:
    1131316
  • Analysis Started:
    2022-12-09 10:56:11 +01:00
  • Analysis Finished:
    2022-12-09 11:03:46 +01:00
  • MD5:
    103f2ca898f5c7285a3651f23d926218
  • SHA1:
    aded75bc932ddb0c9b17f257f82a5be822cab8e6
  • SHA256:
    10633d83edea2308a01d9bcbd507737bf66e93550be49239cd801257f79c7d37
  • Verdict:
    malicious
  • Score:
    100/100
  • System:
    Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

IPs

  • 162.55.60.2
    Country: United States

Domains

  • showip.net
    IP: 162.55.60.2

URLs


Dropped files

  • C:\Users\Public\vbsqlite3.dll
    File type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed
  • C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\HHGHJJUILn.exe.log
    File type: CSV text
  • C:\Users\user\AppData\Roaming\A8EC33334FD0FF0355\LogvangVfuSkfsNcHkxYKVGcfUjjBLLTgabama
    File type: SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 3