http://download.winzip.com/tools/winzip/releases/242f4cc2-7a84-474e-b7b5-58b72fdd356f_2.9.0.24/or/0/SmartAlertsSetup.exe

Status: finished
Submission Time: 2023-04-14 23:11:06 +02:00
Malicious
Ransomware
Evader

Details

  • Analysis ID:
    847100
  • API (Web) ID:
    1214172
  • Analysis Started:
    2023-04-14 23:11:06 +02:00
  • Analysis Finished:
    2023-04-14 23:22:56 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
142.250.184.110
United States
142.250.184.68
United States
142.251.209.13
United States
239.255.255.250
Reserved
34.202.156.239
United States

Domains

Name IP Detection
accounts.google.com
142.251.209.13
updaterv.winzip.com
34.202.156.239
www.google.com
142.250.184.68
clients.l.google.com
142.250.184.110
fp2e7a.wpc.phicdn.net
192.229.221.95
download.winzip.com
0.0.0.0
clients2.google.com
0.0.0.0

URLs

Name Detection

Dropped files

Name File Type Hashes Detection
C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
PE32+ executable (GUI) x86-64, for MS Windows