Register Login

sloganpng

top title background image

VIETAZ TRADING CO - ITEMS LIST.exe

Status: finished

Submission Time: 2020-08-01 09:27:11 +02:00

Malicious

Trojan

Evader

Nanocore

Comments

Tags

Details

Analysis ID:
255508
API (Web) ID:
406554
Analysis Started:

2020-08-01 09:27:12 +02:00
Analysis Finished:

2020-08-01 09:34:47 +02:00
MD5:
a296a20f034e1bbb8a7def685cff14ba
SHA1:
ea1607d91c15e395b1f815010b91c3e607e55721
SHA256:
43978c54ae195f6985cd3170246f6bd6214e36ab14aadb8e753488bee36beef3
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
91.192.100.25	Switzerland

Domains

Name	IP	Detection
billion1920.duckdns.org	91.192.100.25
asf-ris-prod-neurope.northeurope.cloudapp.azure.com	168.63.67.155

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Temp\tmpFE1C.tmp	XML 1.0 document, ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat	data	#
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\VIETAZ TRADING CO - ITEMS LIST.exe.log	ASCII text, with CRLF line terminators	#
Click to see the 3 hidden entries
C:\Users\user\AppData\Local\Temp\&startupname&.exe	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows	#
C:\Users\user\AppData\Local\Temp\&startupname&.exe:Zone.Identifier	ASCII text, with CRLF line terminators	#
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log	data	#