MAPO-PI.exe

Status: finished
Submission Time: 28.10.2021 07:39:12
Verdict: Malicious
Classification: Trojan, Evader, FormBook

Tags

  • exe

Details

  • Analysis ID:
    510736
  • API (Web) ID:
    878308
  • Analysis Started:
    28.10.2021 07:39:13
  • Analysis Finished:
    28.10.2021 07:49:38
  • MD5:
    c619bbbe3c374c8fd3e9f2c26d087496
  • SHA1:
    a8f7e80f2c8e7687789f2267935610f81bc773d4
  • SHA256:
    260b61ddee5133e450110555cf0675ad6c015f51e6053c8fdc169db5e01bf993
System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Scores

Verdict   Score
malicious 100/100
clean     0/100
malicious 21/68
malicious 11/28

IPs

IP              Country
159.65.10.143   United States
109.232.217.55  Turkey
34.102.136.180  United States

Domains

Name                             IP
www.transforming-leadership.com  159.65.10.143
diofis.com                       109.232.217.55
www.diofis.com                   0.0.0.0
www.lifeinformpodcast.com        0.0.0.0
lifeinformpodcast.com            34.102.136.180

URLs

Name
http://www.transforming-leadership.com/rigx/?1btd7D=9134s0FnLt/OWarUedgABr9C/c4q5kSlc0KYi18j8Gti+B07oVRLIxAr1gTintGupYIr&8pr=9rQH8
http://www.diofis.com/rigx/?8pr=9rQH8&1btd7D=x7Tu96cHMgTmU7mY47TISrjDcbGhV6G9B99bVm0ZcSL4vblov6CXxXD4o82KDOntdPMV
www.diofis.com/rigx/
http://www.diofis.com/category/sporcu-beslenmesi/
http://www.diofis.com/wp-content/uploads/2020/09/cropped-diofis-logo-2.png
http://www.diofis.com/feed/
http://www.diofis.com/hizmetlerimiz/kurumsal-beslenme-danismanligi/
http://www.diofis.com/category/tarifler/
http://www.diofis.com?sccss=1&ver=5.5.6
http://www.diofis.com/2020/10/24/saglikli-ve-pratik-corba-tarifi/
https://api.w.org/
http://www.diofis.com/2020/11/01/ketojenik-beslenme/
http://www.diofis.com/comments/feed/
http://www.diofis.com/hizmetlerimiz/cocukluk-cagi-beslenme-danismanligi/
http://www.diofis.com/2020/10/24/sebze-corbasi-tarifi/
http://www.diofis.com/2020/10/24/yulafli-kahvalti/
https://schema.org
http://www.diofis.com/2020/10/24/meyve-cayi/
http://gmpg.org/xfn/11
http://www.diofis.com/bize-ulasin/
http://www.diofis.com/partnerlerimiz/
http://www.diofis.com/xmlrpc.php?rsd
http://www.diofis.com/2020/10/24/saglikli-ve-pratik-salata-tarifi/
http://www.lifeinformpodcast.com/rigx/?8pr=9rQH8&1btd7D=sXodP5plw2zuBk5jc17bfKeMRD93SLnVb+AwVzSLCtQvXrT73UIO1hDRl0kooUZyQ/sm
http://www.diofis.com/
http://www.diofis.com/?s=
http://www.diofis.com/2020/10/24/odem-cayi/
http://www.diofis.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.6
http://www.diofis.com/hizmetlerimiz/kilo-koruma-beslenme-danismanligi/
http://www.diofis.com/2020/11/27/sporcu-beslenmesinde-yeterli-ve-dengeli-beslenmenin-onemi/
http://www.diofis.com/hizmetlerimiz/online-beslenme-danismanligi/
http://www.diofis.com/#website
http://www.diofis.com/2020/10/24/rahatlatici-cay/
https://www.monsterinsights.com/
http://www.diofis.com/hakkimizda/
https://yoast.com/wordpress/plugins/seo/
http://www.diofis.com/wp-includes/wlwmanifest.xml
http://www.diofis.com/blog/
http://www.diofis.com/2020/10/24/kahvaltilik-tarifler/
http://www.diofis.com/hizmetlerimiz/hastaliklarda-beslenme-danismanligi/
http://www.diofis.com/wp-content/themes/neve/style.min.css?ver=2.8.3
http://www.diofis.com/hizmetlerimiz/bireysel-beslenme-danismanligi/
http://www.diofis.com/2020/10/24/saglikli-ve-pratik-roka-salatasi/
http://www.diofis.com/#logo
http://www.diofis.com/#organization
http://www.diofis.com/2020/11/19/aspir-yagi/
http://www.diofis.com/2020/10/24/maydanoz-cayi/
http://www.diofis.com/category/guncel-diyet-meseleleri/
http://www.collada.org/2005/11/COLLADASchema9Done
http://www.diofis.com/wp-content/uploads/2020/09/cropped-cropped-diofis-logo-2-3.png
http://www.diofis.com/2020/10/24/elma-cayi/
http://www.diofis.com/2020/11/01/cikolatali-toplar/
http://www.diofis.com/hizmetlerimiz/
http://www.diofis.com/2020/11/01/cennet-tatlisi/
http://www.diofis.com/wp-json/
http://www.diofis.com/2020/10/24/portakalli-meyve-cayi/
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
https://m0n.co/ga
http://www.diofis.com/2020/10/24/odem-cayi-2/

Dropped files

Name / File Type
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MAPO-PI.exe.log
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
    data
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lhm0t1yh.nml.psm1
    very short file (no magic)
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p05gvjwq.ucq.ps1
    very short file (no magic)
C:\Users\user\Documents\20211028\PowerShell_transcript.855271.6SnYDjtu.20211028074006.txt
    UTF-8 Unicode (with BOM) text, with CRLF line terminators

None of these is a file the sample wrote itself. The CLR UsageLogs entry is the .NET 4 runtime's record of MAPO-PI.exe running as a 32-bit managed process, and the other four are written by PowerShell when it starts (the __PSScriptPolicyTest_* files are its own script-policy probes; the transcript exists because transcription logging was enabled in the sandbox), so they show that the sample launched PowerShell during the run rather than what it did with it.