flash

grabbot_0.1.6.3.exe

Status: finished
Submission Time: 19.07.2020 20:16:56
Malicious
Evader

Comments

Tags

  • grabbot
  • ZeuS

Details

  • Analysis ID:
    247079
  • API (Web) ID:
    389810
  • Analysis Started:
    19.07.2020 20:32:02
  • Analysis Finished:
    19.07.2020 20:39:16
  • MD5:
    7f99fdb03f82aa3235a24833a9e3d70a
  • SHA1:
    86e4114602a51d08e0d00021ff73312a3d54432b
  • SHA256:
    0dc4dbf92417c9701a2ffd8c3446bed02811bb18d245e0bf372ce0b2db92172d
  • Technologies:
Full Report Engine Info Verdict Score Reports

malicious

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
100/100

malicious
53/71

malicious
18/40

malicious
24/31

malicious

IPs

IP Country Detection
0.1.6.3
unknown
5.39.222.185
Netherlands

URLs

Name Detection
http://www.typography.netD
http://www.founder.com.cn/cn/cThe
http://www.apache.org/licenses/LICENSE-2.0
Click to see the 15 hidden entries
http://fontfabrik.com
http://www.founder.com.cn/cn
http://www.founder.com.cn/cn/bThe
http://www.ibsensoftware.com/
http://www.jiyu-kobo.co.jp/
http://95.163
http://www.tiro.com
http://www.%s.comPA
http://www.fonts.com
http://www.sandoll.co.kr
http://www.goodfont.co.kr
http://www.zhongyicts.com.cn
http://www.sakkal.com
http://www.carterandcone.coml
http://www.sajatypeworks.com

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\{224F0BA0-3300-E800-C000-C4C600413C}\7m9QaYO5
data
#
C:\Users\user\AppData\Roaming\{224F0BA0-3300-E800-C000-C4C600413C}\CcUy713U.dat
data
#
C:\Users\user\AppData\Roaming\{224F0BA0-3300-E800-C000-C4C600413C}\iIMuaYoE.dat
data
#