Register Login

sloganpng

top title background image

T-T Swift Copy.exe

Status: finished

Submission Time: 2021-10-27 17:11:13 +02:00

Malicious

Trojan

Evader

DBatLoader FormBook

Comments

Tags

Details

Analysis ID:
510295
API (Web) ID:
877858
Analysis Started:

2021-10-27 17:20:15 +02:00
Analysis Finished:

2021-10-27 17:41:17 +02:00
MD5:
a3127d76c37d53a8ecaab821ce5d99a6
SHA1:
fe6529ff55514634d6cde730e4c4c5b664b02ccf
SHA256:
d9ca56d191efaa8ac5beee52f508082d6e8efb29045bb61c23851537982fa6bf
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
	Full Report Management Report IOC Report	clean 0/100

Third Party Analysis Engines

malicious

Score: 17/44

Domains

Name	IP	Detection
onedrive.live.com	0.0.0.0
vhpf4g.bn.files.1drv.com	0.0.0.0

URLs

Name	Detection
www.ehawkstech.com/s4mt/

Dropped files

Name	File Type	Hashes	Detection
C:\Users\Public\Libraries\Bukgwo\Bukgwo.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\Public\Libraries\owgkuB.url	MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\\\Bukgwo\\Bukgwo.exe">), ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\Bukgwonqgngtrpkjastfgihmnxlmffz[2]	data	#