flash

AWB# 9284730932.exe

Status: finished
Submission Time: 19.11.2020 10:05:44
Malicious
Ransomware
Trojan
Spyware
Evader
FormBook GuLoader

Comments

Tags

  • DHL
  • exe
  • GuLoader

Details

  • Analysis ID:
    320390
  • API (Web) ID:
    542583
  • Analysis Started:
    19.11.2020 10:14:10
  • Analysis Finished:
    19.11.2020 10:24:27
  • MD5:
    e69d0c42f97a007fb131b35cb8a4d7b8
  • SHA1:
    43ca208070bb88754a1d8626ea0ef596a6db1f72
  • SHA256:
    6e8b2b06ac2b8447aec7075c5c58edbe5a5377d74c9443e5caf9f379f53a8b6d
  • Technologies:
Full Report Management Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
100/100

malicious
20/71

malicious
11/48

malicious

IPs

IP Country Detection
103.53.126.132
China
192.185.170.106
United States

Domains

Name IP Detection
www.baizhan180.xyz
103.53.126.132
www.algulmotors.com
0.0.0.0
lifeandhealth.com.mx
192.185.170.106
Click to see the 1 hidden entries
algulmotors.com
94.237.90.68

URLs

Name Detection
https://lifeandhealth.com.mx/graceofgod/floow_tAAkniYUly238.bin
http://www.carterandcone.coml
http://www.sajatypeworks.com
Click to see the 24 hidden entries
http://www.typography.netD
http://www.fontbureau.com/designers/cabarga.htmlN
http://www.founder.com.cn/cn/cThe
http://www.galapagosdesign.com/staff/dennis.htm
http://fontfabrik.com
http://www.founder.com.cn/cn
http://www.fontbureau.com/designers/frere-jones.html
http://www.jiyu-kobo.co.jp/
http://www.galapagosdesign.com/DPlease
http://www.fontbureau.com/designers8
http://www.fonts.com
http://www.sandoll.co.kr
http://www.urwpp.deDPlease
http://www.zhongyicts.com.cn
http://www.sakkal.com
http://www.apache.org/licenses/LICENSE-2.0
http://www.fontbureau.com
http://www.fontbureau.com/designersG
http://www.fontbureau.com/designers/?
http://www.founder.com.cn/cn/bThe
http://www.fontbureau.com/designers?
http://www.tiro.com
http://www.fontbureau.com/designers
http://www.goodfont.co.kr