flash

RFQ_TZDQP2110257921.exe

Status: finished
Submission Time: 25.11.2021 16:22:08
Malicious
Trojan
Evader
GuLoader

Comments

Tags

  • exe

Details

  • Analysis ID:
    528676
  • API (Web) ID:
    896198
  • Analysis Started:
    25.11.2021 16:22:09
  • Analysis Finished:
    25.11.2021 16:46:21
  • MD5:
    de5e1ca79f9bc16726e87f9e04529a33
  • SHA1:
    c688c1b2ea205aa37f7fe4a511d18f1bdead62a1
  • SHA256:
    9f1956145a9bdc606ad1463721f38ea1c31c6aeabfb028a0b134c0f3e881db47
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
72/100

System: Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
Run Condition: Suspected Instruction Hammering

malicious
80/100

malicious
23/68

malicious
18/45

IPs

IP Country Detection
142.250.185.142
United States

Domains

Name IP Detection
drive.google.com
142.250.185.142

URLs

Name Detection
https://drive.google.com/ce.a
https://drive.google.com/;
https://drive.google.com/Xg
Click to see the 20 hidden entries
https://drive.google.com/
https://drive.google.com/V
https://drive.google.com/Dg
https://drive.google.com/ertificates
https://drive.google.com/3
https://drive.google.com/S
https://drive.google.com/s
https://drive.google.com/r
https://drive.google.com/.
https://drive.google.com/rK
https://drive.google.com/crosoft
https://drive.google.com/K
https://drive.google.com/&
https://drive.google.com/rC
https://drive.google.com/_1
https://drive.google.com/C
https://drive.google.com/c
https://drive.google.com/ificate
https://drive.google.com/a
https://csp.withgoogle.com/csp/report-to/gse_l9ocaq

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\~DF5138B99E2C3F8BE8.TMP
Composite Document File V2 Document, Cannot read section info
#