DWG.exe

Status: finished
Submission Time: 28.10.2021 07:38:10
Malicious
Trojan
Evader
FormBook

Tags

  • exe

Details

  • Analysis ID: 510733
  • API (Web) ID: 878303
  • Analysis Started: 28.10.2021 07:38:11
  • Analysis Finished: 28.10.2021 07:47:29
  • MD5: ff882802d113ed02fa070c496f89d797
  • SHA1: aad1eed1c53f1d33ab52e13442b036bfeee91f1b
  • SHA256: 4216ff4fa7533209a6e50c6f05c5216b8afb456e6a3ab6b65ed9fcbdbd275096
  • Technologies:

malicious

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
100/100

clean
0/100

malicious
33/66

malicious
17/45

malicious

IPs


Domains


URLs
