National Development Strategy.lnk

Status: finished

Submission Time: 2023-01-30 17:50:18 +01:00

Malicious

Ransomware

Trojan

Spyware

BazaLoader

Comments

Details

Analysis ID:
794563
API (Web) ID:
1161808
Analysis Started:

2023-01-30 17:50:19 +01:00
Analysis Finished:

2023-01-30 18:02:30 +01:00
MD5:
23c0523af70c2144cb3e29101039512d
SHA1:
b61ab26a38322ee466e18fa381d0ede106f39e57
SHA256:
176b336f425bc15651672f96f70149873b10a3badfa040c8943bfe54955e043d
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 18/61

malicious

Score: 17/26

malicious

IPs

IP	Country	Detection
193.149.129.50	Denmark
172.64.193.26	United States

Domains

Name	IP	Detection
cloud.archive-downloader.com	193.149.129.50
cdn1.iconfinder.com	172.64.193.26

URLs

Name	Detection
https://cloud.archive-downloader.com/s.hta)
https://cloud.archive-downloader.com/lsacs.exe-OutFile
https://cloud.archive-downloader.com/
Click to see the 84 hidden entries
https://cloud.archive-downloader.com/s.hta...6
https://cloud.archive-downloader.comx
https://cloud.archive-downloader.com/s.htaLMEMX8U
https://cloud.archive-downloader.com/s.htaNNC:
https://cloud.archive-downloader.com/lsacs.exe0y
https://cloud.archive-downloader.com/s.htaowsINetCookies
https://cloud.archive-downloader.com/P
https://cloud.archive-downloader.com/lsacs.exeG
https://cloud.archive-downloader.com/s.htaC:
https://cloud.archive-downloader.com/s.hta...
https://cloud.archive-downloader.com/file.pdf0y
https://cloud.archive-downloader.com/s.hta
https://cloud.archive-downloader.com/s.hta=
https://cloud.archive-downloader.com
http://cloud.archive-downloader.com
https://cloud.archive-downloader.com/lsacs.exe
https://cloud.archive-downloader.com/file.pdf
https://cloud.archive-downloader.com/s.htaQ
https://cloud.archive-downloader.com/s.htaATH=
https://cloud.archive-downloader.com/file.pdf-OutFile
https://cloud.archive-downloader.com/L
https://go.micro
http://www.cl.cam.ac.uk/~mgk25/iso-time.html
https://cdn1.iconfinder.com/
https://httpbin.org/
http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C.pdf
http://google.com/mail
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
https://contoso.com/Icon
http://www.phys.uu.nl/~vgent/calendar/isocalendar.htm
http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
http://www.apache.org/licenses/LICENSE-2.0.html
http://google.com/
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
https://twitter.com/
http://www.rfc-editor.org/info/rfc7253
https://github.com/Pester/Pester
https://cdn1.iconfinder.com/y
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
https://www.ibm.com/support/knowledgecenter/en/ssw_aix_61/com.ibm.aix.basetrf1/load.htm
http://crl.m
http://google.com/mail/
http://wwwsearch.sf.net/):
https://tools.ietf.org/html/rfc5297
https://packaging.python.org/specifications/entry-points/
http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm
https://www.ietf.org/rfc/rfc2898.txt
https://contoso.com/License
https://nuget.org/nuget.exe
https://contoso.com/
https://www.ibm.com/
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
http://yahoo.com/
https://tools.ietf.org/html/rfc2388#section-4.4
https://api.telegram.org/bot5885840251:AAG8HoCjrI1QANXkA4oqnJ60lgPP7w86Clg/sendMessage?chat_id=56833
https://github.com/Ousret/charset_normalizer
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngr
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngC:
https://httpbin.org/post
https://github.com/mhammond/pywin32
http://www.python.org/
http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.html
https://cloud.google.com/appengine/docs/standard/runtimes
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngl
http://tools.ietf.org/html/rfc5869
https://mahler:8092/site-updates.py
http://json.org
https://cdn1.iconfinder.com/I
http://pesterbdd.com/images/Pester.png
https://www.python.org
http://httpbin.org/
http://nuget.org/NuGet.exe
https://httpbin.org/get
http://www.cs.ucdavis.edu/~rogaway/papers/keywrap.pdf
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.png
http://www.tarsnap.com/scrypt/scrypt-slides.pdf
https://cdn1.iconfinder.com/;
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
http://speleotrove.com/decimal/decarith.html
https://tools.ietf.org/html/rfc3610
https://requests.readthedocs.io
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warningsp
http://tools.ietf.org/html/rfc5297
http://www.iana.org/time-zones/repository/tz-link.html

Dropped files

Name	File Type	Hashes
C:\ProgramData\lsacs.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_Salsa20.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_aes.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
Click to see the 105 hidden entries
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_aesni.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_cbc.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_cfb.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ctr.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ecb.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_eksblowfish.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ocb.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ofb.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_BLAKE2s.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_MD5.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_SHA1.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_SHA256.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_ghash_clmul.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_ghash_portable.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Protocol\_scrypt.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Util\_cpuid_c.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Util\_strxor.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_bz2.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_ctypes.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_decimal.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_elementtree.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_hashlib.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_lzma.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_queue.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_socket.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_sqlite3.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_ssl.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_uuid.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pyexpat.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\python39.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pythoncom39.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pywintypes39.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\select.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\sqlite3.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\steal.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\unicodedata.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\win32crypt.pyd	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\ProgramData\file.pdf	PDF document, version 1.7, 1 pages	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\39c14c1f4b086971_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6267ed4d4a13f54b_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index~RF67bdbd.TMP (copy)	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG	ASCII text	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)	ASCII text	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF671596.TMP (copy)	ASCII text	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links	data	#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-230131015135Z-242.bmp	PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54	#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages	SQLite 3.x database, last written using SQLite version 3024000, file counter 12, database pages 15, cookie 0x5, schema 4, UTF-8, version-valid-for 12	#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal	SQLite Rollback Journal	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\189397[1].png	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\s[1].hta	HTML document, ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive	data	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a3vxi3je.uda.ps1	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cjchyufc.z4k.psm1	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dapxgbjs.b5j.ps1	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jvlelz22.etj.psm1	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pbjyotax.xfw.psm1	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_slrsabnf.e3p.ps1	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\certifi\cacert.pem	ASCII text	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libcrypto-1_1.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libffi-7.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libssl-1_1.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\vcruntime140.dll	PE32+ executable (DLL) (console) x86-64, for MS Windows	#
C:\Users\user\Desktop\Loginvault.db	SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie 0x19, schema 4, UTF-8, version-valid-for 2	#

National Development Strategy.lnk

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

National Development Strategy.lnk Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

National Development Strategy.lnk