Request For Quotation.js

Status: finished
Submission Time: 2024-10-15 16:12:23 +02:00
Malicious
Trojan
Evader
STRRAT

Tags

  • js

Details

  • Analysis ID:
    1534158
  • API (Web) ID:
    1534158
  • Analysis Started:
    2024-10-15 16:46:51 +02:00
  • Analysis Finished:
    2024-10-15 16:59:35 +02:00
  • MD5:
    fcb0bce3701f97644ea1340f9c9cc1bb
  • SHA1:
    c8d0d47d359c5517367a5498a07683953f7f2d24
  • SHA256:
    a7c286cfc63ae4954730d6b1ff98773f00e89ae36164469ea4ca0aa1abac471c
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 96
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
malicious
Score: 92
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Without Instrumentation

Third Party Analysis Engines

malicious
Score: 7/38

IPs

IP | Country | Detection
199.232.192.209 | United States |
140.82.121.3 | United States |
140.82.121.4 | United States |

Domains

Name | IP | Detection
github.com | 140.82.121.4 |
dualstack.sonatype.map.fastly.net | 199.232.192.209 |
repo1.maven.org | 0.0.0.0 |

URLs

Name Detection

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\sxayqmlj.txt
Zip archive data, at least v2.0 to extract, compression method=deflate