flash

SecuriteInfo.com.Variant.Razy.980776.5008.dll

Status: finished
Submission Time: 28.10.2021 05:02:11
Malicious
E-Banking Trojan
Trojan
Evader
Dridex

Comments

Tags

  • dll

Details

  • Analysis ID:
    510696
  • API (Web) ID:
    878263
  • Analysis Started:
    28.10.2021 05:05:01
  • Analysis Finished:
    28.10.2021 05:16:44
  • MD5:
    7f1dd5795783f0793caec052daae5b4e
  • SHA1:
    7ffda23921e29ba6ecd911cfe4ccaaba6b8832ca
  • SHA256:
    ef94fa9978503a9a126e4f15296c130e039e67636a55acb5b10778e09ee0d1d3
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
84/100

clean
0/100

malicious
9/44

IPs

IP Country Detection
45.77.0.96
United States
185.56.219.47
Italy
192.46.210.220
United States
Click to see the 1 hidden entries
143.244.140.214
United States

URLs

Name Detection
https://192.46.210.220/
https://143.244.140.214:808/hy
https://192.46.210.220/Google
Click to see the 61 hidden entries
https://143.244.140.214:808/0
https://143.244.140.214:808/1
https://192.46.210.220/aenh.dll
https://185.56.219.47:8116/
https://192.46.210.220/Certification
https://45.77.0.96:6891/.0.96:6891/
https://185.56.219.47:8116/&
https://45.77.0.96/
https://185.56.219.47:8116/%
https://185.56.219.47:8116/oft
https://143.244.140.214/c
https://143.244.140.214:808/%
https://143.244.140.214:808/oft
https://192.46.210.220/#
https://192.46.210.220/$
https://143.244.140.214:808/P
https://192.46.210.220/coro8
https://143.244.140.214:808/S
https://143.244.140.214:808/ll
https://192.46.210.220/)
https://45.77.0.96:6891/h.dlln
https://185.56.219.47:8116/ES
https://185.56.219.47:8116/soft
https://192.46.210.220/1
https://192.46.210.220/GlobalSign
https://192.46.210.220/-
https://143.244.140.214:808/v
https://143.244.140.214:808/w
https://185.56.219.47/F
https://192.46.210.220/9
https://143.244.140.214/
https://143.244.140.214:808/My
https://185.56.219.47/
https://185.56.219.47:8116/P
https://192.46.210.220/5
https://45.77.0.96:6891/1$
https://143.244.140.214:808/.140.214:808/hy
https://185.56.219.47:8116/4.140.214:808/
https://192.46.210.220/L
https://143.244.140.214:808/em32
https://143.244.140.214:808/l
https://192.46.210.220/E
https://192.46.210.220/aenh.dllz
https://185.56.219.47/N
https://192.46.210.220/O
https://45.77.0.96:6891/graphy
https://143.244.140.214:808/
https://192.46.210.220/N
https://45.77.0.96:6891/
https://192.46.210.220/W
https://185.56.219.47:8116/0
https://185.56.219.47:8116/853
https://143.244.140.214:808/ll1
https://192.46.210.220/i
https://185.56.219.47:8116/C
https://192.46.210.220/ography
https://45.77.0.96:6891/C
https://185.56.219.47:8116/D
https://185.56.219.47:8116/Ps%
https://192.46.210.220/r
https://45.77.0.96:6891/Microsoft

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 61157 bytes, 1 file
#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
#