
zloader 2_1.0.10.1.exe

Status: finished
Submission Time: 2020-07-19 21:46:54 +02:00
Malicious
Evader

Comments

Tags

  • zloader2

Details

  • Analysis ID: 247517
  • API (Web) ID: 390588
  • Analysis Started: 2020-07-20 08:16:58 +02:00
  • Analysis Finished: 2020-07-20 08:23:53 +02:00
  • MD5: d0c0ec815ff13f7e0836c11065147a65
  • SHA1: ac5a992fdac08d1634d33319df2e4de68eb5e7d8
  • SHA256: 1233250fdba7a6a9af69091ba14ec5186c703714ff8c18c911087d16c22da64d
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious (Score: 55/72)
malicious (Score: 16/39)
malicious (Score: 25/31)
malicious

IPs

IP               Country   Detection
185.236.203.134  Romania
1.0.10.1         China

Domains


URLs


Dropped files

Name: C:\Users\user\AppData\Roaming\Agdi\cegi.exe
File Type: PE32 executable (GUI) Intel 80386, for MS Windows