
GlLHM7paoZ.exe

Status: finished
Submission Time: 2021-10-24 09:20:31 +02:00
Malicious
Ransomware
Evader
BLACKMatter

Details

  • Analysis ID:
    508200
  • API (Web) ID:
    875767
  • Analysis Started:
    2021-10-24 09:20:32 +02:00
  • Analysis Finished:
    2021-10-24 09:26:33 +02:00
  • MD5:
    598c53bfef81e489375f09792e487f1a
  • SHA1:
    80a29bd2c349a8588edf42653ed739054f9a10f5
  • SHA256:
    22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6
  • Technologies:
    Joe Sandbox

Engine       Detection  Score  Info
Joe Sandbox  malicious  100    System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
             clean      0/100

Third Party Analysis Engines

  • malicious (Score: 59/68)
  • malicious (Score: 27/35)
  • malicious (Score: 26/28)
  • malicious

IPs

IP               Country        Detection
103.224.212.222  Australia
199.59.242.153   United States

Domains

Name                   IP               Detection
paymenthacks.com       103.224.212.222
mojobiden.com          0.0.0.0
ww25.paymenthacks.com  0.0.0.0
77026.bodis.com        199.59.242.153

URLs


Dropped files

Name                                                  File Type                                        Detection
C:\ProgramData\kVuoJyeoW.bmp                          PC bitmap, Windows 3.x format, 1280 x 1024 x 16
C:\Users\user\Contacts\kVuoJyeoW.README.txt           ASCII text, with CRLF line terminators
C:\Users\user\Desktop\BNAGMGSPLO\kVuoJyeoW.README.txt   ASCII text, with CRLF line terminators
C:\Users\user\Desktop\LSBIHQFDVT\kVuoJyeoW.README.txt   ASCII text, with CRLF line terminators
C:\Users\user\Desktop\QCFWYSKMHA\kVuoJyeoW.README.txt   ASCII text, with CRLF line terminators
C:\Users\user\Documents\DUUDTUBZFW\kVuoJyeoW.README.txt ASCII text, with CRLF line terminators
C:\Users\user\Documents\GIGIYTFFYT\kVuoJyeoW.README.txt ASCII text, with CRLF line terminators
C:\Users\user\Documents\PIVFAGEAAV\kVuoJyeoW.README.txt ASCII text, with CRLF line terminators