flash

JUSFT111.exe

Status: finished
Submission Time: 28.05.2020 17:40:24
Malicious
Ransomware
Trojan
Spyware
Evader
AgentTesla GuLoader

Comments

Tags

Details

  • Analysis ID:
    233922
  • API (Web) ID:
    363995
  • Analysis Started:
    28.05.2020 17:40:24
  • Analysis Finished:
    28.05.2020 17:46:34
  • MD5:
    0626ea263242426969f014c74a874e9d
  • SHA1:
    d11905e2309874b8e7f73a1969e862b1ad5f6ec7
  • SHA256:
    45f6903817fdceab4b9ce63e43d74418f20ccd92cd256ad67acc4bc2c5d88446
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113

malicious
100/100

malicious
36/72

malicious
27/48

IPs

IP Country Detection
77.88.21.158
Russian Federation

Domains

Name IP Detection
smtp.yandex.ru
77.88.21.158
95eeig.am.files.1drv.com
0.0.0.0
onedrive.live.com
0.0.0.0

URLs

Name Detection
http://CzovwSoXk6.com
http://subca.ocsp-certum.com0.
http://repository.certum.pl/ca.cer09
Click to see the 12 hidden entries
http://repository.certum.pl/ctnca.cer09
http://crls.yandex.net/certum/ycasha2.crl0-
https://onedrive.live.com/download?cid=062A585E433EDCE3&resid=62A585E433EDCE3%211621&authkey=AAa4X7E
http://crl.certum.pl/ctnca.crl0k
http://subca.ocsp-certum.com01
http://yandex.crl.certum.pl/ycasha2.crl0q
http://crl.certum.pl/ca.crl0h
https://www.certum.pl/CPS0
http://www.certum.pl/CPS0
http://yandex.ocsp-responder.com03
http://CzovwSoXk6.comxW?
http://repository.certum.pl/ycasha2.cer0