Fu94e0b1TR.exe

Status: finished
Submission Time: 13.10.2021 20:49:12
Malicious
Trojan
Evader
FormBook

Tags

  • 32
  • exe
  • trojan

Details

  • Analysis ID:
    502374
  • API (Web) ID:
    869946
  • Analysis Started:
    13.10.2021 20:56:10
  • Analysis Finished:
    13.10.2021 21:10:15
  • MD5:
    6429aa83e4bc083b4f0b3f44b0d7950f
  • SHA1:
    0ead59881f054284f611accb61451ed1ffc818fc
  • SHA256:
    96c57ae661562e958e01bb0b490c09a0a51bb367931620223174963de88bdfcb

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious (score 100/100)

IPs

IP              Country        Detection
64.190.62.111   United States
172.65.227.72   United States

Domains


URLs


Dropped files

Name: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Fu94e0b1TR.exe.log
File Type: ASCII text, with CRLF line terminators