
1nJGU59JPU.exe

Status: finished
Submission Time: 2022-01-14 17:58:15 +01:00
Malicious
Trojan
Evader

Tags

  • 32
  • exe
  • trojan

Details

  • Analysis ID: 553343
  • API (Web) ID: 920865
  • Analysis Started: 2022-01-14 17:58:15 +01:00
  • Analysis Finished: 2022-01-14 18:15:54 +01:00
  • MD5: aea21ab88cca720a34ec1c9c4794f82a
  • SHA1: 5241d6fd4013ec8251df46e231665471a8ca70db
  • SHA256: 498421bc4c78ba9bf7c9d669bd9958cf2c0c1cc89e94288800fe004400821ef3
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 17/68
malicious
Score: 12/35
malicious
Score: 22/28
malicious
malicious

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection

Dropped files

Name File Type Hashes Detection