rufus-3.12.exe

Status: finished
Submission Time: 2020-11-14 16:51:19 +01:00
Suspicious
Spreader
Evader

Details

  • Analysis ID:
    316544
  • API (Web) ID:
    534890
  • Analysis Started:
    2020-11-14 16:51:20 +01:00
  • Analysis Finished:
    2020-11-14 17:09:07 +01:00
  • MD5:
    cd822912b4ff3c303a62d2538fa88d01
  • SHA1:
    9bf6d9bbc06150a933b4171d55c7a8a297cd9cc5
  • SHA256:
    f37771fbb9a9747c255bfed791c8d25b170a05390c07b977ceed83fda2930db0
  • Technologies:
    Joe Sandbox

Engine Download Report Detection Info
suspicious
Score: 39
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
suspicious
Score: 39
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Cmdline fuzzy

IPs

IP               Country        Detection
52.217.89.220    United States
140.82.121.4     United States
185.199.110.153  Netherlands

Domains

Name                                                      IP               Detection
s3-1-w.amazonaws.com                                      52.217.89.220
github.com                                                140.82.121.4
rufus.ie                                                  185.199.110.153
github-production-release-asset-2e65be.s3.amazonaws.com  0.0.0.0
cdn.onenote.net                                           0.0.0.0

URLs


Dropped files

Name / File Type (Hashes, Detection)

C:\Users\user\Desktop\rufus.com
    PE32 executable (console) Intel 80386, for MS Windows
C:\Windows\System32\GroupPolicy\GPT.INI
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Fido[1].ver
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Rufus_win.ver[1].sig
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Rufus_win[1].ver
    ASCII text
C:\Users\user\AppData\Local\Temp\Ruf3F0F.tmp
    UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Temp\Ruf419F.tmp
    UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Windows\SysWOW64\GroupPolicy\gpt.ini
    ASCII text, with CRLF line terminators
C:\Windows\System32\GroupPolicy\Machine\Registry.pol
    data