bewijs van betaling.exe

Status: finished
Submission Time: 17.01.2020 10:50:13
Malicious
Phishing
Trojan
Spyware
Evader
HawkEye

Details

  • Analysis ID:
    201706
  • API (Web) ID:
    301157
  • Analysis Started:
    17.01.2020 10:50:13
  • Analysis Finished:
    17.01.2020 10:58:13
  • MD5:
    4cf0a601d5addc6764b94d3fa758de13
  • SHA1:
    940a06f4bd2ec9922d2aabe25eb20571f641ad13
  • SHA256:
    dfd41f652dcbf6bef211d46893149fe4029bf749ca6f824cd902f754f099b9eb
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113

malicious
100/100

malicious
5/72

URLs

Name Detection
https://a.pomf.cat/
https://login.yahoo.com/config/login
http://pomf.cat/upload.php&https://a.pomf.cat/
http://www.nirsoft.net
http://pomf.cat/upload.php
http://www.nirsoft.net/
https://www.heise.de/javascript:try
http://bot.whatismyipaddress.com/
http://pomf.cat/upload.phpCContent-Disposition:

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\4befbb05-3c16-8655-65fa-1a04ced6ae46
ASCII text, with no line terminators
C:\Users\user\AppData\Local\Temp\tmp9403.tmp
Little-endian UTF-16 Unicode text, with no line terminators