Register Login

sloganpng

top title background image

DHL AWB SHIPPING DOCS_AWB_0009123.exe

Status: finished

Submission Time: 2023-02-07 18:00:27 +01:00

Malicious

Trojan

Spyware

Evader

Snake Keylogger

Comments

Tags

Details

Analysis ID:
800700
API (Web) ID:
1167903
Analysis Started:

2023-02-07 18:23:13 +01:00
Analysis Finished:

2023-02-07 18:34:45 +01:00
MD5:
cf98f42b9d4bbdc20e54e7e0ca7543c0
SHA1:
2543080386230d110b18e1b653c14d1d640998da
SHA256:
f7b57c7265e87bee11e652eba90afe3e0c34f691cd8faf3b79fe8def96044831
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 26/70

malicious

Score: 17/39

IPs

IP	Country	Detection
193.122.6.168	United States

Domains

Name	IP	Detection
checkip.dyndns.com	193.122.6.168
checkip.dyndns.org	0.0.0.0

URLs

Name	Detection
http://checkip.dyndns.org/
http://checkip.dyndns.org4
http://checkip.dyndns.org
Click to see the 6 hidden entries
http://schemas.m
http://checkip.dyndns.com
http://nsis.sf.net/NSIS_ErrorError
https://api.telegram.org/bot
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
http://checkip.dyndns.org/q

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Temp\tdbwdaltxz.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Temp\nsq9965.tmp	data	#
C:\Users\user\AppData\Local\Temp\rjnyysvx.m	data	#
Click to see the 2 hidden entries
C:\Users\user\AppData\Local\Temp\wfpxt.ubj	data	#
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log	Unicode text, UTF-16, little-endian text, with CRLF line terminators	#