
https://cdn.discordapp.com/attachments/755518735111946330/904812165368774656/NitroGenV0.5.exe

Status: finished
Submission Time: 2021-11-07 08:39:11 +01:00
Malicious
Trojan
Spyware
Evader
MercurialGrabber

Details

  • Analysis ID:
    517177
  • API (Web) ID:
    884719
  • Analysis Started:
    2021-11-07 08:39:12 +01:00
  • Analysis Finished:
    2021-11-07 08:45:56 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
clean
0/100

Third Party Analysis Engines

malicious

IPs

IP                Country          Detection
162.159.136.232   United States
208.95.112.1      United States
162.159.129.233   United States
23.128.64.141     United States
162.159.135.232   United States

Domains

Name                IP                Detection
discord.com         162.159.136.232
cdn.discordapp.com  162.159.129.233
ip-api.com          208.95.112.1
ip4.seeip.org       23.128.64.141

URLs

Name Detection
https://discord.com
https://discord.com/api/webhooks/903671676842164224/hgVlAW5LCUzPj7SU-155WPmokQU8kGZJo2PMKC5I1ao5YwOw
https://discord.com/api/webhooks/903671676842164224/hgVlAW5LCUzPj7SU-155WPmokQU8kGZJo2PMKC5I1ao5YwOw7U4zsmJgE8WpgziY0apY
https://cdn.discordapp.com/attachments/903671493853077534/906810260252164166/Capture.jpg
https://discord.comx
https://cdn.discordapp.com/attachments/755518735111946330/904812165368774656/NitroGenV0.5.exe$
https://cdn.discordapp.com/attachments/903671493853077534/906810248877211688/cookies.txt
https://support.google.com/chrome/?p=plugin_shockwave
https://cdn.discordapp.com/attachments/755518735111946330/904812165368774656/NitroGenV0.5.exe0
http://ip-api.com
http://ip-api.com//json/84.17.52.68
https://media.discordapp.net/attachments/903671493853077534/906810248877211688/cookies.txt
https://support.google.com/chrome/?p=plugin_divx
http://fpdownload.macromedia.com/get/shockwave/default/english/win95nt/latest/Shockwave_Installer_Sl
https://cdn.discordapp.com/attachments/755518735111946330/904812165368774656/NitroGenV0.5.exe9
http://ip-api.com//json/
https://cdn.discordapp.com/attachments/903671493853077534/906810341642612736/passwords.txt
https://media.discordapp.net/attachments/903671493853077534/906810251381211176/passwords.txt
https://cdn.discordapp.com/avatars/
https://i.imgur.com/vgxBhmx.png
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
https://cdn.discordapp.com/attachments/755518735111946330/904812165368774656/NitroGenV0.5.exe
https://cdn.discordapp.com/attachments/755518735111946330/904812165368774656/NitroGenV0.5.exe;
http://ip4.seeip.org
https://support.google.com/chrome/?p=plugin_flash
https://discordapp.com/api/v8/users/
https://i.imgur.com/vgxBhmx.pngultipart/form-data
http://download.divx.com/player/divxdotcom/DivXWebPlayerInstaller.exe
https://media.discordapp.net/attachments/903671493853077534/906810260252164166/Capture.jpg
https://www.countryflags.io/CH/flat/48.png
https://cdn.discordapp.com/attachments/755518735111946330/904812165368774656/Ni
https://support.google.com/chrome/answer/6258784
https://ip4.seeip.org
https://cdn.discordapp.com/attachments/903671493853077534/906810251381211176/passwords.txt
https://media.discordapp.net/attachments/903671493853077534/906810339021168680/cookies.txt
https://discord.com8
https://media.discordapp.net/attachments/903671493853077534/906810341642612736/passwords.txt
http://discord.com
https://cdn.discordapp.com/attachments/903671493853077534/906810352568766474/Capture.jpg
https://ip4.seeip.orgx
https://media.discordapp.net/attachments/903671493853077534/906810352568766474/Capture.jpg
https://www.countryflags.io/
http://ip-api.comx
https://cdn.discordapp.com/attachments/903671493853077534/906810339021168680/cookies.txt
https://ip4.seeip.org/

Dropped files

Name / File Type / Hashes / Detection

C:\Users\user\AppData\Local\Temp\NitroGenV0.5.exe
  PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows

C:\Users\user\AppData\Local\Temp\NitroGenV0.5.exe:Zone.Identifier
  ASCII text, with CRLF line terminators

C:\Users\user\Desktop\download\NitroGenV0.5.exe
  PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\NitroGenV0.5.exe.log
  ASCII text, with CRLF line terminators

C:\Users\user\AppData\Local\Temp\Capture.jpg
  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, frames 3

C:\Users\user\AppData\Local\Temp\cookies.db
  SQLite 3.x database, last written using SQLite version 3032001

C:\Users\user\AppData\Local\Temp\cookies.txt
  ASCII text, with CRLF line terminators

C:\Users\user\AppData\Local\Temp\login.db
  SQLite 3.x database, last written using SQLite version 3032001

C:\Users\user\Desktop\cmdline.out
  ASCII text, with CRLF line terminators

\Device\ConDrv
  ASCII text, with very long lines, with CRLF line terminators