Register Login

sloganpng

top title background image

commercial invoice_010202201.exe

Status: finished

Submission Time: 2022-01-14 10:19:32 +01:00

Malicious

Trojan

Evader

FormBook

Comments

Tags

Details

Analysis ID:
553094
API (Web) ID:
920616
Analysis Started:

2022-01-14 10:19:33 +01:00
Analysis Finished:

2022-01-14 10:31:26 +01:00
MD5:
acbc7357e4fb7d8d4874ecbeb0c5bd0f
SHA1:
f423fed0f335e5c31d7b799aba25469420fb6009
SHA256:
73f458d7e38ab748b7b7d3b3e680db9eb08d845c1b1b7c935a6ee453d8f03358
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

Score: 16/43

malicious

IPs

IP	Country	Detection
118.67.131.217	Korea Republic of
23.227.38.74	Canada
199.59.243.200	United States
Click to see the 4 hidden entries
2.57.90.16	Lithuania
109.106.254.15	Serbia
89.17.204.228	Spain
198.54.117.211	United States

Domains

Name	IP	Detection
www.toposales.com	0.0.0.0
www.stardomfrokch.xyz	0.0.0.0
www.answertitles.com	0.0.0.0
Click to see the 14 hidden entries
www.controle-fiscal.com	0.0.0.0
www.rxvendorpills.online	0.0.0.0
www.laraful.com	0.0.0.0
www.moldluck.com	0.0.0.0
www.cloudtotaal.com	0.0.0.0
www.ludowinners.online	0.0.0.0
www.friendschance.com	118.67.131.217
ludowinners.online	109.106.254.15
rxvendorpills.online	2.57.90.16
shops.myshopify.com	23.227.38.74
laraful.com	34.102.136.180
www.survival-hunter.com	89.17.204.228
www.sfcshavedice.com	199.59.243.200
parkingpage.namecheap.com	198.54.117.211

URLs

Name	Detection
http://www.sfcshavedice.com/igwa/?JXRL2Htp=iLZ1RFWiw0U4S9E0pDZlJcjoptUhYXlNWk90HzYHcuVmRCYph1Gowzt+bYvcpjSVMV+b&2dyD8R=k0GL
http://www.toposales.com/igwa/?JXRL2Htp=ma6dGeieA/uMuLPHhGmEMO0MhvgJCSwWTtOunmNNbuA50fkYJarGKThxl5bT79VqZFZn&2dyD8R=k0GL
http://www.friendschance.com/igwa/?JXRL2Htp=kcJK5GFpDKPtevBg1nN4AS2uwE6IDbqQL9Esa69lHd4fhlo3nfdugBZ3P+KHWdbb77iO&2dyD8R=k0GL
Click to see the 9 hidden entries
http://www.ludowinners.online/igwa/?JXRL2Htp=P7cOGMhGan+iOds35nuUwcQL6AiWu3hpp80V2Eae8ndsAihNyn6owzlv0a79YI8S4Mj0&2dyD8R=k0GL
http://www.survival-hunter.com/igwa/?JXRL2Htp=XkWoyKtjfo1nTXOdSlOCxSRnTVDbDlQTsKZVtKCHx1ue89AIkDfi+mwVckT9NwCZj6NC&2dyD8R=k0GL
http://www.stardomfrokch.xyz/igwa/?JXRL2Htp=fxfNgp9ZS8bh2/dcez9r/a5fPpTZli2HVK4HIQKX3jCJ31NosuhFm2CAaUmyjrkPXZG7&2dyD8R=k0GL
www.toposales.com/igwa/
http://www.answertitles.com/igwa/?JXRL2Htp=zipQeNKESZPqCbLQlDCLj4zpqFgOpmaVmA6du1Oyf7pRL9Y+oEdiiyDWqjEEpcoXahJo&2dyD8R=k0GL
http://www.rxvendorpills.online/igwa/?JXRL2Htp=pt5DjHHXKdbYY+ulYudT7OdutHPMSBHvoYqZ/+0K/RDZ4aBmJwtpu5HKuc6CLarugF7n&2dyD8R=k0GL
https://www.survival-hunter.com/igwa/?JXRL2Htp=XkWoyKtjfo1nTXOdSlOCxSRnTVDbDlQTsKZVtKCHx1ue89AIkDfi
http://nsis.sf.net/NSIS_Error
http://nsis.sf.net/NSIS_ErrorError

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Temp\nshDF13.tmp\uajs.dll	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Temp\5kowm48kjaiw3ht	data	#
C:\Users\user\AppData\Local\Temp\jfxtaknu	data	#
Click to see the 1 hidden entries
C:\Users\user\AppData\Local\Temp\nshDF12.tmp	data	#