Windows Analysis Report
bad2.exe

Overview

General Information

Sample name:bad2.exe
Analysis ID:1544567
MD5:d045cdcb9add8aa1589d4b7d7706fc90
SHA1:993c3cad484ce7d87ffaabf7f4972b7768e926e9
SHA256:f8db759e79c6d9873327aa34eec0431255d319ed15323bc67cebd9cfd781284f

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

No high impact signatures.

Classification

  • System is w10x64_ra
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Source: classification engine
Classification label: clean0.winEXE@0/0@0/0
Source: bad2.exe
Static file information: File size 2478742 > 1048576
No Mitre Att&ck techniques found

No Antivirus matches
No contacted domains info
No contacted IP infos
Joe Sandbox version:41.0.0 Charoite
Analysis ID:1544567
Start date and time:2024-10-29 15:28:12 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsinteractivecookbook.jbs
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:8
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • EGA enabled
Analysis Mode:stream
Analysis stop reason:Timeout
Sample name:bad2.exe
Detection:CLEAN
Classification:clean0.winEXE@0/0@0/0
Cookbook Comments:
  • Found application associated with file extension: .exe
  • Exclude process from analysis (whitelisted): dllhost.exe
  • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
  • VT rate limit hit for: bad2.exe
No created / dropped files found
File type:data
Entropy (8bit):7.999935948017468
TrID:
  • XBase DataBase (generic) (1002/2) 100.00%
File name:bad2.exe
File size:2'478'742 bytes
MD5:d045cdcb9add8aa1589d4b7d7706fc90
SHA1:993c3cad484ce7d87ffaabf7f4972b7768e926e9
SHA256:f8db759e79c6d9873327aa34eec0431255d319ed15323bc67cebd9cfd781284f
SHA512:b600da1819da42efa5bc128fd762f35c90be7fb47b41b7e9795ed35c5202f61a61cd72a40dfb2489902ca8ba317ebf60a5b4946274eaedd97a944bdc363816bc
SSDEEP:49152:Hcm8LG6tNXnmpJ5LFBsjkAPYnc1o3AUjD4cKiTvYNr7agonZegKGrJ7M:8Fq8m/5kjkmYnhJRMhonsW7M
TLSH:F3B533F9273EBCCDA318C7A67340A5B28167A56830E36FF2528147650BE7F5A051A0FD
File Content Preview:.........^\Yo..Y..%.........upd2836a.bktP.[j....D...S.5..|.l.<..Nu....7v.......;.....X.M...7!1.%Y..URE..E.ZZC.....`.!{wd.q;j.^S............m.....e..m...m...ox...0...%....I.......]... ........*G.b..4...P.....7w..81_y......$...P.......YI.a...I....I.....0...
Icon Hash:00928e8e8686b000