522da9e54f489a96202e525386cc8434 File Analysis Results

Metadata

File name:	2018_11Informationen_betreffend_Transaktion.doc
File type:	Composite Document File V2 Document, Little Endian ...
File size:	129536
Analysis date:	2021-11-25 11:40:52
MD5:	522da9e54f489a96202e525386cc8434
SHA1:	21168788e0d33f428206a02db0b6bb5edf39c21f
SHA256:	893bf230a92d22efc2df75456984be38f60554d2d703a7dd35b5b7c19ab22d2a
SHA512:	N/A
SSDEEP:	N/A
IMPHASH:	N/A
Authentihash:	N/A
Related resources

APTNotes
Cyber threat intelligence reports associated with 522da9e54f489a96202e525386cc8434.

Domains
Domains the malware sample communicates with.

Domain	IP
clanift.cba.pl	N/A
eddietravel.marigoldcatba.com	N/A
school3.webhawksittesting.com	N/A
www.wmdcustoms.com	N/A
www.yogananda-palermo.org	N/A

Hosts
Hosts the malware sample communicates with.

95.211.144.68

217.64.195.223

148.66.137.40

HTTP Requests
HTTP requests the malware sample makes.

Host	URL	User-Agent
95.211.144.68 (clanift.cba.pl)	/f
N/A
N/A
N/A
217.64.195.223 (www.yogananda-palermo.org)	/Ra7
N/A
N/A
N/A
148.66.137.40 (www.wmdcustoms.com)	/R
N/A
N/A
N/A
148.66.137.40 (www.wmdcustoms.com)	/cgi-sys/suspendedpage.cgi
N/A
N/A
N/A

AV Detections
AV detection names associated with the malware sample.

Mutants
Mutants created by the malware sample.

Registry keys
Registry keys created by the malware sample.

Comments
User comments about 522da9e54f489a96202e525386cc8434.

NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.

Contextual information

File: 522da9e54f489a96202e525386cc8434