Register Login

sloganpng

top title background image

DHL Delivery Documents.exe

Status: finished

Submission Time: 2022-01-28 14:00:34 +01:00

Malicious

Trojan

Evader

FormBook

Comments

Tags

Details

Analysis ID:
562120
API (Web) ID:
929642
Analysis Started:

2022-01-28 14:02:32 +01:00
Analysis Finished:

2022-01-28 14:13:18 +01:00
MD5:
5bc8492c9f262d1f9840635b87edf9c5
SHA1:
da867a8b837e43c91414ff46d239ab95b799d04b
SHA256:
7a4424af54555e5a81f6fa4e2b2c42c6d19c71bbcc261cd1be14af245c3b711c
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 20/65

malicious

IPs

IP	Country	Detection
144.76.136.153	Germany

Domains

Name	IP	Detection
transfer.sh	144.76.136.153

URLs

Name	Detection
www.trabaho-academy.net/zqzw/
https://transfer.sh
http://www.microsoft.c
Click to see the 7 hidden entries
https://transfer.sh/get/KkxDr1/bbbbbbbbbbb.txt9BNCXGAS.Properties.ResourcesL
http://crl.microf
http://crl.micros.
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
https://transfer.sh/get/KkxDr1/bbbbbbbbbbb.txtx
https://transfer.sh/get/mVKia7/BINCC.txt
https://transfer.sh/get/KkxDr1/bbbbbbbbbbb.txt

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\DHL Delivery Documents.exe.log	ASCII text, with CRLF line terminators	#