Factura comercial.pdf.exe

Status: finished
Submission Time: 2020-07-31 10:26:01 +02:00
Malicious
Trojan
Spyware
Evader
AgentTesla

Comments

Tags

  • AgentTesla
  • DHL
  • exe

Details

  • Analysis ID: 255233
  • API (Web) ID: 405765
  • Analysis Started: 2020-07-31 20:17:52 +02:00
  • Analysis Finished: 2020-07-31 20:25:46 +02:00
  • MD5: a59b44139671e2b250c42165ac42b4f7
  • SHA1: 16955753238aa20fa74a24f6348f9ed292a5d50f
  • SHA256: 878f02103f87751030fff82340596c9ca4385a2e715b2221724897528bf5d864
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP | Country | Detection
67.222.142.39 | United States |

Domains

Name | IP | Detection
mail.trademaxperu.com | 67.222.142.39 |
asf-ris-prod-neurope.northeurope.cloudapp.azure.com | 168.63.67.155 |
g.msn.com | 0.0.0.0 |

URLs

Name Detection
https://ZpJE03P19gC8f.com
http://cps.letsencrypt.org0
http://cert.int-x3.letsencrypt.org/0
http://ocsp.int-x3.letsencrypt.org0/
http://cps.root-x1.letsencrypt.org0

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Factura comercial.pdf.exe.log
ASCII text, with CRLF line terminators