flash

vbc.exe

Status: finished
Submission Time: 16.09.2020 15:00:12
Malicious
Trojan
Spyware
Evader
AgentTesla

Comments

Tags

  • exe

Details

  • Analysis ID:
    286343
  • API (Web) ID:
    467856
  • Analysis Started:
    16.09.2020 15:06:26
  • Analysis Finished:
    16.09.2020 15:14:11
  • MD5:
    b94fc43994550c2c3f922b0f9367a3d4
  • SHA1:
    64d557d909bbc57902e2d4b1f8e08ee0f2b16c7e
  • SHA256:
    a1164f44afc2ceee90a833e950f23a3bb69c4557331cadb35e4f95bf335f1b27
  • Technologies:
Full Report Engine Info Verdict Score Reports

malicious

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
100/100

malicious
15/68

malicious
12/48

URLs

Name Detection
http://127.0.0.1:HTTP/1.1
http://DynDns.comDynDNS
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
Click to see the 5 hidden entries
http://qszRBM.com
https://api.telegram.org/bot%telegramapi%/
https://api.telegram.org/bot%telegramapi%/sendDocumentdocument---------------------------x
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
https://api.ipify.orgGETMozilla/5.0

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\vbc.exe.log
ASCII text, with CRLF line terminators
#