
z29Screenshot2022090613471456d96fbb0fj_docx.com.exe

Status: finished
Submission Time: 2024-02-22 14:04:05 +01:00
Malicious
Phishing
Trojan
Spyware
Exploiter
Evader
AveMaria, DBatLoader, UACMe

Comments

Tags

  • com
  • exe

Details

  • Analysis ID:
    1396947
  • API (Web) ID:
    1396947
  • Analysis Started:
    2024-02-22 14:04:06 +01:00
  • Analysis Finished:
    2024-02-22 14:14:39 +01:00
  • MD5:
    cdd45a122734f4f14ae8c4741cd79eab
  • SHA1:
    97c84316d2a17e3deae6c134076f873d60cd8ce4
  • SHA256:
    ca5fa091df6519461da15755e36a4d4ed795581388db81b9f834d20700eeaaeb
  • Technologies:
    Joe Sandbox

Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious (Score: 37/61)
malicious (Score: 25/38)

IPs

IP               Country         Detection
64.176.178.205   United States
13.107.137.11    United States

Domains

Name                             IP               Detection
zakriexports.com                 64.176.178.205
dual-spov-0006.spov-msedge.net   13.107.137.11
onedrive.live.com                0.0.0.0
9r5dma.sn.files.1drv.com         0.0.0.0

URLs


Dropped files

Name: C:\Users\Public\Bpcgybqx.url
File Type: MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Bpcgybqx.PIF">), ASCII text, with CRLF line terminators

Name: C:\Users\Public\Libraries\Bpcgybqx.PIF
File Type: PE32 executable (GUI) Intel 80386, for MS Windows

Name: C:\Users\Public\Libraries\easinvoker.exe
File Type: PE32+ executable (GUI) x86-64, for MS Windows

Name: C:\Users\Public\Libraries\netutils.dll
File Type: PE32+ executable (DLL) (console) x86-64, for MS Windows

Name: C:\Users\Public\Libraries\truesight.sys
File Type: PE32+ executable (native) x86-64, for MS Windows

Name: C:\Users\Public\Libraries\xqbygcpB.pif
File Type: PE32 executable (GUI) Intel 80386, for MS Windows