Register Login

sloganpng

top title background image

PO#2081776 FA2003084 SAP S4 HANA MYC20028.exe

Status: finished

Submission Time: 2020-09-16 15:00:37 +02:00

Malicious

Trojan

Spyware

Evader

AgentTesla

Comments

Tags

Details

Analysis ID:
286346
API (Web) ID:
467861
Analysis Started:

2020-09-16 15:08:50 +02:00
Analysis Finished:

2020-09-16 15:18:32 +02:00
MD5:
52da5d6ab23109e68174667433a7f36a
SHA1:
7dc28eaeaa2d25a02678d1c2c05590863c4dd1df
SHA256:
ab1ee0b548744b3e7892af6517a41f37b462856e0b744bd9ad58af079771db33
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 14/68

malicious

Score: 9/48

URLs

Name	Detection
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PO#2081776 FA2003084 SAP S4 HANA MYC20028.exe.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\tmp209E.tmp	XML 1.0 document, ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Roaming\FqAAmXG.exe	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows	#
Click to see the 1 hidden entries
C:\Users\user\AppData\Roaming\FqAAmXG.exe:Zone.Identifier	ASCII text, with CRLF line terminators	#