Register Login

sloganpng

top title background image

14data.txt.exe

Status: finished

Submission Time: 2019-09-21 06:01:51 +02:00

Malicious

Evader

Comments

Tags

Details

Analysis ID:
176449
API (Web) ID:
249639
Analysis Started:

2019-09-21 06:01:52 +02:00
Analysis Finished:

2019-09-21 06:08:51 +02:00
MD5:
fd085e62e5a4ce5f12b326fa57562d69
SHA1:
5e8153d753fe05261e797223584dd13efa0a5931
SHA256:
f9f73363fb2ab82ad7911990d7981b41daf1f462f8284a9d7fb725387237e529
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 72	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP	Country	Detection
104.47.8.33	United States
67.195.228.106	United States
98.136.96.91	United States
Click to see the 4 hidden entries
104.47.59.161	United States
98.136.96.75	United States
193.166.255.171	Finland
67.195.228.111	United States

Domains

Name	IP	Detection
mta6.am0.yahoodns.net	67.195.228.106
mta7.am0.yahoodns.net	98.136.96.91
www3.cedesunjerinkas.com	193.166.255.171
Click to see the 7 hidden entries
mta5.am0.yahoodns.net	67.195.228.111
www4.cedesunjerinkas.com	193.166.255.171
hotmail-com.olc.protection.outlook.com	104.47.59.161
www2.cedesunjerinkas.com	193.166.255.171
hotmail.com	0.0.0.0
gmail.com	0.0.0.0
yahoo.com	0.0.0.0

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\Desktop\DAF6.tmp	data	#
C:\Windows\tserv.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Windows\tserv.exe:Zone.Identifier	ASCII text, with CRLF line terminators	#
Click to see the 2 hidden entries
C:\Users\user\AppData\Local\VirtualStore\Windows\tserv.wax	data	#
C:\Windows\tserv.wax	data	#