Register Login

sloganpng

top title background image

BV10013 (Rev A).exe

Status: finished

Submission Time: 2020-07-31 09:11:42 +02:00

Malicious

Trojan

Evader

GuLoader

Comments

Tags

Details

Analysis ID:
254593
API (Web) ID:
404707
Analysis Started:

2020-07-31 10:01:38 +02:00
Analysis Finished:

2020-07-31 10:11:58 +02:00
MD5:
11d648a9d7958bef6921898e130f483d
SHA1:
c5541a30011d42999fdc795f59d7f985c21b40e9
SHA256:
eb5b36b887116b5aa12cb5609d9d2e132829e325b2c3e16133299696460a0e92
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 64	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Domains

Name	IP	Detection
seedwellresources.xyz	0.0.0.0

URLs

Name	Detection
http://seedwellresources.xyz/oke2_EHusZY26.bina
http://seedwellresources.xyz/oke2_EHusZY26.binb
http://seedwellresources.xyz/oke2_EHusZY26.bin-
Click to see the 5 hidden entries
http://seedwellresources.xyz/oke2_EHusZY26.binn
http://seedwellresources.xyz/oke2_EHusZY26.bin;
http://seedwellresources.xyz/oke2_EHusZY26.binT&
http://seedwellresources.xyz/oke2_EHusZY26.binG
http://seedwellresources.xyz/oke2_EHusZY26.bin

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Temp\subfolder1\fil.scr	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Temp\subfolder1\fil.vbs	ASCII text, with CRLF line terminators	#