Register Login

sloganpng

top title background image

TRY.exe

Status: finished

Submission Time: 2020-07-31 21:07:30 +02:00

Malicious

Trojan

Evader

LimeRAT

Comments

Tags

Details

Analysis ID:
255487
API (Web) ID:
406470
Analysis Started:

2020-08-01 01:06:08 +02:00
Analysis Finished:

2020-08-01 01:15:00 +02:00
MD5:
ec828127c3d3d6037a22a729f410e079
SHA1:
d39f6c1cc851cb91b5f10f0004c20aca07578fdd
SHA256:
3dff78186451d97e6c3403b885ffb148cc7130b2b787b915041c7363feb74c68
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 80	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
40.125.65.33	United States
104.23.98.190	United States

Domains

Name	IP	Detection
asf-ris-prod-neurope.northeurope.cloudapp.azure.com	168.63.67.155
pastebin.com	104.23.98.190
g.msn.com	0.0.0.0

URLs

Name	Detection
https://pastebin.com/raw/hUxcYmeR
https://pastebin.com
https://pastebin.comx&
Click to see the 1 hidden entries
https://pastebin.com/raw/hUxcYmeR4

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\TRY.exe.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\Wservices.exe	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows	#
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Wservices.exe.log	ASCII text, with CRLF line terminators	#