Register Login

sloganpng

top title background image

JUSFT111.exe

Status: finished

Submission Time: 2020-05-28 17:40:24 +02:00

Malicious

Ransomware

Trojan

Spyware

Evader

AgentTesla GuLoader

Comments

Tags

Details

Analysis ID:
233922
API (Web) ID:
363995
Analysis Started:

2020-05-28 17:40:24 +02:00
Analysis Finished:

2020-05-28 17:46:34 +02:00
MD5:
0626ea263242426969f014c74a874e9d
SHA1:
d11905e2309874b8e7f73a1969e862b1ad5f6ec7
SHA256:
45f6903817fdceab4b9ce63e43d74418f20ccd92cd256ad67acc4bc2c5d88446
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 36/72

malicious

Score: 27/48

IPs

IP	Country	Detection
77.88.21.158	Russian Federation

Domains

Name	IP	Detection
smtp.yandex.ru	77.88.21.158
95eeig.am.files.1drv.com	0.0.0.0
onedrive.live.com	0.0.0.0

URLs

Name	Detection
http://CzovwSoXk6.com
http://subca.ocsp-certum.com0.
http://repository.certum.pl/ca.cer09
Click to see the 12 hidden entries
http://repository.certum.pl/ctnca.cer09
http://crls.yandex.net/certum/ycasha2.crl0-
https://onedrive.live.com/download?cid=062A585E433EDCE3&resid=62A585E433EDCE3%211621&authkey=AAa4X7E
http://crl.certum.pl/ctnca.crl0k
http://subca.ocsp-certum.com01
http://yandex.crl.certum.pl/ycasha2.crl0q
http://crl.certum.pl/ca.crl0h
https://www.certum.pl/CPS0
http://www.certum.pl/CPS0
http://yandex.ocsp-responder.com03
http://CzovwSoXk6.comxW?
http://repository.certum.pl/ycasha2.cer0