Register Login

sloganpng

top title background image

DHL Waybill receipt.exe

Status: finished

Submission Time: 2021-12-02 18:37:28 +01:00

Malicious

Trojan

Spyware

Evader

AgentTesla

Comments

Tags

Details

Analysis ID:
532850
API (Web) ID:
900365
Analysis Started:

2021-12-02 18:49:38 +01:00
Analysis Finished:

2021-12-02 19:00:58 +01:00
MD5:
fccf07d7a10aff74cedc0e93fbe77f90
SHA1:
8e7d667885cdc3646d46c3a72ee13451c86cbd4d
SHA256:
854fdbaa39b3da5ed2d094c57511d14dc97c392358da47e42fbbd7b2d03101d2
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

Score: 14/45

IPs

IP	Country	Detection
208.91.199.223	United States

Domains

Name	IP	Detection
smtp.unitedappliencesgroup.com	0.0.0.0
us2.smtp.mailhostbox.com	208.91.199.223

URLs

Name	Detection
https://YDMv4fA4ajY4A2Rc.net
http://127.0.0.1:HTTP/1.1
http://KjvtHQ.com
Click to see the 5 hidden entries
http://DynDns.comDynDNS
http://smtp.unitedappliencesgroup.com
http://us2.smtp.mailhostbox.com
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DHL Waybill receipt.exe.log	ASCII text, with CRLF line terminators	#