Analysis Report New Text Document.exe

Overview

General Information

Sample Name: New Text Document.exe
Analysis ID: 383843
MD5: 4e79b531f4f6813cc8e21894a13c5537
SHA1: addcb0a2aac14befcb9f8c9185e365c47a86b40c
SHA256: 9445838c51449888abaeac1c5d1953212a0205a6b4038e6a404ca752cbda3f2f
Infos:
Errors
  • Setup command "_JBInstrumentAPK" failed: Invalid APK

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for submitted file
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Classification

AV Detection:

Multi AV Scanner detection for submitted file
Source: New Text Document.exe Virustotal: Detection: 14%

Networking:

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Source: global traffic TCP traffic: 192.168.2.30:39602 -> 142.250.186.163:443
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown Network traffic detected: HTTP traffic on port 39602 -> 443
Source: classification engine Classification label: mal48.andEXE@0/0@0/0

No Screenshots

Contacted Public IPs

IP               Domain   Country        ASN    ASN Name  Malicious
142.250.186.163  unknown  United States  15169  GOOGLEUS  false