Analyzed on January 19th 2016 07:38:07 (CEST)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Report generated by Falcon Sandbox v3.20 © Hybrid Analysis
Attention: this analysis ran with the legacy Usermode Monitor. It is highly recommended to use the Kernelmode Monitor.
Analysed 7 processes in total (System Resource Monitor).
| Domain | Address | Registrar | Country |
|---|---|---|---|
| www.cnbhgy.com | 123.1.157.76 | - | Hong Kong |

| IP Address | Port/Protocol | Associated Process | Details |
|---|---|---|---|
| 123.1.157.76 | 80 TCP | - | Hong Kong; ASN: 17444 (AS number for New World Telephone Ltd.) |
| 216.59.16.175 | 4143 TCP | - | United States; ASN: 15085 (Immedion, LLC) |

| Endpoint | Request | URL | Raw request |
|---|---|---|---|
| 123.1.157.76:80 (www.cnbhgy.com) | GET | /786585d/08g7g6r56r.exe | GET /786585d/08g7g6r56r.exe HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.cnbhgy.com Connection: Keep-Alive |