flash

ScaNovatech20040.exe

Status: finished
Submission Time: 06.04.2020 12:54:54
Malicious
Trojan
Spyware
Evader
Remcos

Comments

Tags

Details

  • Analysis ID:
    220446
  • API (Web) ID:
    337673
  • Analysis Started:
    06.04.2020 12:54:54
  • Analysis Finished:
    06.04.2020 13:03:29
  • MD5:
    64be0313c6bf2289171ee6a375f7b3f9
  • SHA1:
    627f90d02467e991d55cba34677d943d6ca4efaf
  • SHA256:
    b078093e9570d5e08a88573e484f21bc42c89d1825dc6643f5983fd6b0784b75
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
92/100

malicious
41/72

malicious
14/47

IPs

IP Country Detection
185.103.96.151
United Kingdom
95.154.210.72
United Kingdom
95.154.210.2
United Kingdom

Domains

Name IP Detection
remcozy.duckdns.org
185.103.96.151
www.tagmakers-trade.co.uk
0.0.0.0
smtp.zellico.com
0.0.0.0
Click to see the 4 hidden entries
www.tagmarket.co.uk
0.0.0.0
us2.smtp.mailhostbox.com
208.91.199.225
tagmakers-trade.co.uk
95.154.210.2
tagmarket.co.uk
95.154.210.72

URLs

Name Detection
https://www.tagmakers-trade.co.uk/Rainil7.exe
https://www.tagmakers-trade.co.uk/ALL9mode_encrypted_237CF20.bin

Dropped files

Name File Type Hashes Detection
C:\Users\user\Rainil7.exe
empty
#
C:\Users\user\endeballe\Scrawlers.exe
empty
#
C:\Users\user\endeballe\Scrawlers.vbs
empty
#