
Original Shipment Document.exe

Status: finished
Submission Time: 19.11.2020 08:25:33
Verdict: Malicious
Classification: Trojan, Spyware, Evader
Families: AgentTesla, GuLoader

Comments

Tags

  • DHL
  • exe

Details

  • Analysis ID:
    320278
  • API (Web) ID:
    542368
  • Analysis Started:
    19.11.2020 08:25:57
  • Analysis Finished:
    19.11.2020 08:36:39
  • MD5:
    857d9deaf0fad01a7ec5dd82834d43be
  • SHA1:
    82bf78bc3a8e29a5522c675b4d31e31283e5fd80
  • SHA256:
    db40431cb3b2ca4524e58a97e2bdb1853a8adf866a2b2f43ea05a2b65b34ae72
  • Technologies:

Verdict: malicious

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict    Score
malicious  100/100
malicious  22/70

IPs

IP              Country        Detection
110.4.45.145    Malaysia       -
216.58.215.225  United States  -

Domains

Name                                          IP              Detection
enmark.com.my                                 110.4.45.145    -
mail.enmark.com.my                            0.0.0.0         -
checkip.us-east-1.prod.check-ip.aws.a2z.com   52.206.184.85   -
googlehosted.l.googleusercontent.com          216.58.215.225  -
checkip.amazonaws.com                         0.0.0.0         -
doc-0c-3k-docs.googleusercontent.com          0.0.0.0         -

An IP of 0.0.0.0 means the report recorded no resolved address for that name; "-" means the Detection column is empty for that row.

URLs

The Detection column is empty for every entry. Several entries end in stray characters ("H", "P3G", "x&", "h_G"); these look like URL strings carved from process memory together with the bytes that followed them, so normalise them before using them as indicators.

https://sectigo.com/CPS0
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=chrom322;cat=chrom01g;ord=58648497779
https://contextual.media.net/medianet.php
https://contextual.media.net/medianet.phpH
http://pC7mVPB6Y4Irl4x.org
https://contextual.media.net/medianet.php?cid=8CU157172&crid=858412214&size=306x271&https=1
https://adservice.google.co.uk/ddm/fls/i/src=2542116;type=chrom322;cat=chrom01g;ord=5864849777998;gt
http://www.msn.com/de-ch/H
http://checkip.amazonaws.comx&
https://contextual.media.net/medianet.php?cid=8CU157172&crid=858412214&size=306x271&https=1P3G
http://www.msn.com/
http://www.msn.com/de-ch/?ocid=iehp
https://contextual.media.net/checksync.phpH
http://www.msn.com/?ocid=iehpP3G
https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=clien612;cat=chromx;ord=1;num=3931852
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=2542116;cat=chom0;ord=4842492154761;g
https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBI57XIG&prvid=77%2
http://checkip.amazonaws.com
http://www.msn.com/de-ch/
http://www.msn.com/?ocid=iehp
http://www.msn.com/H
https://contextual.media.net/medianet.php?cid=8CU157172&crid=722878611&size=306x271&https=1
http://checkip.amazonaws.com/
https://contextual.media.net/medianet.php?cid=8CU157172&crid=722878611&size=306x271&https=1P3G
https://contextual.media.net/checksync.php
http://pC7mVPB6Y4Irl4x.orgh_G
https://login.microsoftonline.com/common/oauth2/authorizeH
https://login.microsoftonline.com/common/oauth2/authorize
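The indicator tables above are only useful for detection once two things are done: the analysis VM's own background traffic (the IE start page under msn.com and its media.net and doubleclick.net ad beacons, the Microsoft identity sign-in endpoint, the certificate-policy URL of a Sectigo-issued certificate) is separated from what the sample itself did, and the memory-carved URL strings with trailing junk are folded back onto their clean hostnames. The following Python is an added example, not part of the original report or of any sandbox vendor's tooling. The indicators are copied from the tables above; the noise allowlist (NOISE_SUFFIXES), the proxy-log format and the sample log lines are assumptions constructed for illustration. It also includes a SHA-256 check against the reported file hash, and it matches hosts by exact name or sub-domain rather than by substring so that an unrelated name like notenmark.com.my does not fire.

```python
"""Triage of the network indicators in the report above (added example,
not part of the original report). Indicators are copied from the report's
tables; log format, sample log lines and the noise allowlist are
constructed assumptions."""
import hashlib
import re
from urllib.parse import urlparse

REPORT_SHA256 = "db40431cb3b2ca4524e58a97e2bdb1853a8adf866a2b2f43ea05a2b65b34ae72"
REPORT_IPS = {"110.4.45.145", "216.58.215.225", "52.206.184.85"}
REPORT_DOMAINS = {
    "enmark.com.my", "mail.enmark.com.my", "checkip.amazonaws.com",
    "checkip.us-east-1.prod.check-ip.aws.a2z.com", "googlehosted.l.googleusercontent.com",
    "doc-0c-3k-docs.googleusercontent.com",
}
# A subset of the report's URL strings; some carry trailing bytes that were
# carved out of process memory along with the URL ("...comx&", "...orgh_G").
REPORT_URLS = [
    "https://sectigo.com/CPS0",
    "http://pC7mVPB6Y4Irl4x.org",
    "http://pC7mVPB6Y4Irl4x.orgh_G",
    "http://checkip.amazonaws.comx&",
    "https://contextual.media.net/medianet.phpH",
    "http://www.msn.com/de-ch/?ocid=iehp",
    "https://login.microsoftonline.com/common/oauth2/authorizeH",
]
# Assumption: background traffic of the analysis VM (IE start page, ad
# beacons, CA policy URL, Microsoft sign-in), not behaviour of the sample.
NOISE_SUFFIXES = ("msn.com", "doubleclick.net", "media.net", "google.co.uk",
                  "sectigo.com", "microsoftonline.com")
CLEAN_HOST = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$")

def is_reported_sample(data):
    """True if `data` is the file the report describes (SHA-256 comparison)."""
    return hashlib.sha256(data).hexdigest() == REPORT_SHA256

def normalise_host(raw, known):
    """Fold a memory-carved host onto a known host if the leftover is <= 3 junk chars."""
    raw = (raw or "").lower()
    if raw in known:
        return raw
    for host in sorted(known, key=len, reverse=True):   # most specific first
        if raw.startswith(host) and len(raw) - len(host) <= 3:
            return host
    return raw

def url_hosts(urls=REPORT_URLS):
    """Hosts named by the URL list, with carving junk folded away."""
    hosts = [(urlparse(u).hostname or "").lower() for u in urls]
    # Hosts that parse as clean names (plus the report's domain table) are
    # the anchors that junk-suffixed variants get folded onto.
    known = set(REPORT_DOMAINS) | {h for h in hosts if CLEAN_HOST.match(h)}
    return {normalise_host(h, known) for h in hosts}

def is_noise(host):
    return any(host == s or host.endswith("." + s) for s in NOISE_SUFFIXES)

def blocklist():
    """IOCs worth alerting on: the report IPs plus every non-noise host."""
    hosts = {h for h in REPORT_DOMAINS | url_hosts() if not is_noise(h)}
    return {"ips": set(REPORT_IPS), "hosts": hosts}

def host_matches(log_host, indicator):
    """Exact or sub-domain match only; a substring test would also fire on
    unrelated names such as 'notenmark.com.my'."""
    return log_host == indicator or log_host.endswith("." + indicator)

def scan_proxy_log(lines, iocs=None):
    """Return (line number, matched indicator) for each line touching an IOC.
    Log format (an assumption): '<ts> <src_ip> <dst_host> <dst_ip> <url>'."""
    iocs = iocs or blocklist()
    by_specificity = sorted(iocs["hosts"], key=len, reverse=True)
    hits = []
    for n, line in enumerate(lines, 1):
        parts = line.split()
        if len(parts) < 5:
            continue
        dst_host, dst_ip = parts[2].lower(), parts[3]
        ind = next((i for i in by_specificity if host_matches(dst_host, i)), None)
        if ind is None and dst_ip in iocs["ips"]:
            ind = dst_ip
        if ind is not None:
            hits.append((n, ind))
    return hits

# Constructed sample proxy log (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    "2020-11-19T08:26:01Z 10.0.0.7 checkip.amazonaws.com 52.206.184.85 http://checkip.amazonaws.com/",
    "2020-11-19T08:26:03Z 10.0.0.7 www.msn.com 203.0.113.5 http://www.msn.com/de-ch/?ocid=iehp",
    "2020-11-19T08:26:09Z 10.0.0.7 mail.enmark.com.my 110.4.45.145 smtp://mail.enmark.com.my:587",
    "2020-11-19T08:26:11Z 10.0.0.7 notenmark.com.my 198.51.100.4 http://notenmark.com.my/",
    "2020-11-19T08:26:20Z 10.0.0.7 - 216.58.215.225 https://216.58.215.225/",
]
```

Calling `scan_proxy_log(SAMPLE_LOG)` flags lines 1, 3 and 5 (checkip.amazonaws.com, mail.enmark.com.my and 216.58.215.225) and leaves the msn.com line and the look-alike notenmark.com.my line alone. The allowlist is the judgement call in this script: it is scoped to what the report shows, and the googleusercontent.com names are kept as indicators because the report ties them to this run, but that parent domain also serves legitimate Google traffic, so they belong in an incident-scoped watchlist rather than a global block rule.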