Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://raw.githubusercontent.com/nerrorsec/SBT-SOC/main/MSWorker.exe

Status: finished
Submission Time: 2021-11-07 03:03:42 +01:00
Malicious

Comments

Tags

Details

  • Analysis ID:
    517120
  • API (Web) ID:
    884667
  • Analysis Started:
    2021-11-07 03:03:43 +01:00
  • Analysis Finished:
    2021-11-07 03:09:58 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 48
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Full Report Management Report IOC Report
clean
0/100

Third Party Analysis Engines

Open Full Report
malicious
Score: 8/34
malicious
Score: 17/28

IPs

IP Country Detection
142.250.181.238
 United States
142.250.181.225
 United States
239.255.255.250
 Reserved
Click to see the 2 hidden entries
172.217.18.109
 United States
185.199.110.133
 Netherlands

Domains

Name IP Detection
accounts.google.com
 172.217.18.109
raw.githubusercontent.com
 185.199.110.133
clients.l.google.com
 142.250.181.238
Click to see the 3 hidden entries
googlehosted.l.googleusercontent.com
 142.250.181.225
clients2.googleusercontent.com
 0.0.0.0
clients2.google.com
 0.0.0.0

URLs

Name Detection
https://play.google.com/log?format=json&hasfast=true
https://ogs.google.com
https://support.google.com/chromecast/troubleshooter/2995236
Click to see the 53 hidden entries
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://payments.google.com/payments/v4/js/integrator.js
https://www.google.com;
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
https://hangouts.google.com/
https://www.google.com/images/x2.gif
http://llvm.org/):
https://www.google.com/images/dot2.gif
https://meetings.clients6.google.com
https://www.google.com/intl/en-US/chrome/blank.html
https://code.google.com/p/nativeclient/issues/entry%s:
http://tools.ietf.org/html/rfc1950
https://code.google.com/p/nativeclient/issues/entry
https://support.google.com/chromecast/answer/2998456
https://clients2.googleusercontent.com
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
https://raw.githubusercontent.com/nerrorsec/SBT-SOC/main/MSWorker.exe
https://docs.google.com
https://www.google.com/
https://feedback.googleusercontent.com
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
https://clients2.google.com/service/update2/crx
https://clients6.google.com
https://accounts.google.com
https://www.google.com/images/cleardot.gif
https://play.google.com
https://crash.corp.google.com/samples?reportid=&q=
https://www.google.com/log?format=json&hasfast=true
https://sandbox.google.com/payments/v4/js/integrator.js
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
https://accounts.google.com/MergeSession
https://preprod-hangouts-googleapis.sandbox.google.com
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
https://www.google.com
https://hangouts.clients6.google.com
https://meet.google.com
https://hangouts.google.com/hangouts/_/logpref
https://apis.google.com/js/client.js
https://clients2.google.com/cr/report
http://angularjs.org
https://creativecommons.org/publicdomain/zero/1.0/.
https://github.com/angular/material
https://apis.google.com
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
https://github.com/madler/zlib/blob/master/zlib.h
https://www-googleapis-staging.sandbox.google.com
https://clients2.google.com
https://www.google.com/tools/feedback
http://www.apache.org/licenses/LICENSE-2.0
https://dns.google
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p

Dropped files

No malicious files found. See full and IOC report for all dropped files.