Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
Deep Malware Analysis
top title background image
flash

temp_script.bat

Status: finished
Submission Time: 2024-08-06 18:11:05 +02:00
Malicious
Trojan
Spyware
Evader
PureLog Stealer

Comments

Tags

  • bat
  • funcaptcha-ru

Details

  • Analysis ID:
    1488895
  • API (Web) ID:
    1488895
  • Analysis Started:
    2024-08-06 18:11:06 +02:00
  • Analysis Finished:
    2024-08-06 18:18:07 +02:00
  • MD5:
    7972cb9d1ef5a286c735bb8da928fbda
  • SHA1:
    98e294e14777cc9e5a3c7166b35b2feba3b3f140
  • SHA256:
    649dd265b8599866e827d12135b10b2b415d221ca4db58e1cf8c602c6afa2466
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Full Report Management Report IOC Report
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 25/38
malicious
malicious

IPs

IP Country Detection
188.114.96.3
 European Union
45.11.229.96
 Germany

Domains

Name IP Detection
funcaptcha.ru
 188.114.96.3
strompreis.ru
 45.11.229.96

URLs

Name Detection
https://funcaptcha.ru/hvnc.exe
https://contoso.com/License
https://github.com/testdemo345/DemoThing/raw/main/msedgedriver.exe
Click to see the 15 hidden entries
https://github.com/testdemo345/DemoThing/raw/main/chromedriver.exe
https://github.com/Pester/Pester
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
https://aka.ms/pscore68
https://oneget.orgX
https://contoso.com/Icon
https://github.com/testdemo345/DemoThing/raw/main/WebDriver.dll
http://nuget.org/NuGet.exe
https://nuget.org/nuget.exe
https://contoso.com/
https://stackoverflow.com/q/11564914/23354;
https://stackoverflow.com/q/2152978/23354rCannot
http://www.apache.org/licenses/LICENSE-2.0.html
http://pesterbdd.com/images/Pester.png
https://stackoverflow.com/q/14436606/23354

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\RuntimeBroker.exe
 PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
 #
C:\Users\user\AppData\Roaming\RuntimeBroker.exe
 PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
 #