
DWG.exe

Status: finished
Submission Time: 2021-10-28 07:38:10 +02:00
Malicious
Trojan
Evader
FormBook

Tags

  • exe

Details

  • Analysis ID:
    510733
  • API (Web) ID:
    878303
  • Analysis Started:
    2021-10-28 07:38:11 +02:00
  • Analysis Finished:
    2021-10-28 07:47:29 +02:00
  • MD5:
    ff882802d113ed02fa070c496f89d797
  • SHA1:
    aad1eed1c53f1d33ab52e13442b036bfeee91f1b
  • SHA256:
    4216ff4fa7533209a6e50c6f05c5216b8afb456e6a3ab6b65ed9fcbdbd275096
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
clean
0/100

Third Party Analysis Engines

malicious
Score: 33/66
malicious
Score: 17/45
malicious

IPs

IP Country Detection
198.187.31.159
United States
154.216.113.38
Seychelles
5.157.87.204
Netherlands
198.54.117.215
United States

Domains

Name IP Detection

URLs

Name Detection