flash

REVGKXx6Ns.exe

Status: finished
Submission Time: 24.11.2021 15:05:14
Malicious
Trojan
Evader
AgentTesla GuLoader

Comments

Tags

Details

  • Analysis ID:
    527899
  • API (Web) ID:
    895421
  • Analysis Started:
    24.11.2021 15:05:14
  • Analysis Finished:
    24.11.2021 15:34:13
  • MD5:
    7c91db57c98a1f0e38ba65ed651b4779
  • SHA1:
    28cb0d40a73c1a421a9720808d49da010f9ff4ef
  • SHA256:
    12992fe3f998693d92625c53bf5aa6723e87c8c3fb7057dbba4b334742cab376
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
76/100

System: Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
Run Condition: Suspected Instruction Hammering

malicious
92/100

malicious
100/100

malicious
42/67

malicious
12/35

malicious
20/28

IPs

IP Country Detection
142.250.186.174
United States

Domains

Name IP Detection
drive.google.com
142.250.186.174

URLs

Name Detection
https://drive.google.com/0Y
https://drive.google.com/obal
https://drive.google.com/A-
Click to see the 16 hidden entries
https://drive.google.com/a-
http://www.topqualityfreeware.com/
https://drive.google.com/
https://drive.google.com/)-
https://drive.google.com/3
https://drive.google.com/crosoft
https://drive.google.com/1-
https://drive.google.com/q-
http://topqualityfreeware.com
https://drive.google.com/rA-
https://drive.google.com/Aq
https://drive.google.com/_1
https://drive.google.com/y-
https://drive.google.com/a
https://csp.withgoogle.com/csp/report-to/gse_l9ocaq
https://drive.google.com/20000Z

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\~DF0E195A349794F694.TMP
Composite Document File V2 Document, Cannot read section info
#