Tranf111.exe

Status: finished
Submission Time: 2020-06-08 01:02:39 +02:00
Malicious
Trojan
Evader
NetWire GuLoader

Details

  • Analysis ID: 236344
  • API (Web) ID: 368749
  • Analysis Started: 2020-06-08 01:02:39 +02:00
  • Analysis Finished: 2020-06-08 01:08:13 +02:00
  • MD5: ff429ca7815826081dcfc73e48b3afa1
  • SHA1: b5c7cdf2635bb1be0d9703c5fb11e699f39a75f1
  • SHA256: 828754781079f808a0def249c960490fdba73680442940cf5d1d669406d4de38
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 6/49
malicious

IPs

IP Country Detection
91.193.75.228 Serbia

Domains

Name IP Detection
grace38.duckdns.org 91.193.75.228
znsxra.am.files.1drv.com 0.0.0.0
onedrive.live.com 0.0.0.0

URLs

Name Detection

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\Install\Host.exe
PE32 executable (GUI) Intel 80386, for MS Windows