IOC Report
l9qmoY93Ed.exe

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| l9qmoY93Ed.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\l9qmoY93Ed.exe.log | ASCII text, with CRLF line terminators | dropped | malicious |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\l9qmoY93Ed.exe | "C:\Users\user\Desktop\l9qmoY93Ed.exe" | malicious |
| C:\Users\user\Desktop\l9qmoY93Ed.exe | C:\Users\user\Desktop\l9qmoY93Ed.exe | malicious |
| C:\Users\user\Desktop\l9qmoY93Ed.exe | C:\Users\user\Desktop\l9qmoY93Ed.exe | malicious |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://checkip.dyndns.org/ | 132.226.8.169 | malicious |

Domains

| Name | IP | Malicious |
|---|---|---|
| checkip.dyndns.com | 132.226.8.169 | malicious |
| checkip.dyndns.org | unknown | malicious |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 132.226.8.169 | checkip.dyndns.com | United States | malicious |