Register Login

sloganpng

top title background image

supply us this product.exe

Status: finished

Submission Time: 2021-06-10 16:35:26 +02:00

Malicious

Trojan

Adware

Spyware

Evader

AgentTesla

Comments

Tags

Details

Analysis ID:
432673
API (Web) ID:
800274
Analysis Started:

2021-06-10 16:42:14 +02:00
Analysis Finished:

2021-06-10 16:53:09 +02:00
MD5:
958f243581dc2eda4e763086875e9a0b
SHA1:
cd163dd563fa0cda762ab9c5df8743f053fed612
SHA256:
ae44346a0297d8a9deab5419ff2b4679b83646abbed05b835c90fc33eb3ce2d5
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
50.87.146.199	United States

Domains

Name	IP	Detection
scottbyscott.com	50.87.146.199
mail.scottbyscott.com	0.0.0.0

URLs

Name	Detection
http://127.0.0.1:HTTP/1.1
http://DynDns.comDynDNS
http://scottbyscott.com
Click to see the 13 hidden entries
http://htwqxRSsZE4FT.org
http://mail.scottbyscott.com
http://cps.letsencrypt.org0
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
http://x1.c.lencr.org/0
http://x1.i.lencr.org/0
http://r3.o.lencr.org0
http://vmyBzt.com
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
http://cps.root-x1.letsencrypt.org0
http://r3.i.lencr.org/0

Dropped files

Name	File Type	Hashes	Detection
C:\Windows\System32\drivers\etc\hosts	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\supply us this product.exe.log	ASCII text, with CRLF line terminators	#