Edit tour
Windows
Analysis Report
Caller Left (1) CALL_MSG-4bb9ec5a6600ee4f21fe8196ae247c30
Overview
General Information
| Sample name: | Caller Left (1) CALL_MSG-4bb9ec5a6600ee4f21fe8196ae247c30 |
| Analysis ID: | 1500774 |
| MD5: | 25ee36aaa6343fd83fe31b4c9e961aaf |
| SHA1: | 6fbb0db7da1b5b165589c111ad86a4d2c841c29e |
| SHA256: | 67f0767e57ae3ffb379c69ce33df3599dbaa90cdc04460e32e8fc9b45a852db6 |
 | |
Detection
| Score: | 0 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
No high impact signatures.
Classification
- System is w10x64_ra
- cleanup
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
| Source: | Classification label: | ||
⊘No Mitre Att&ck techniques found
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1500774 |
| Start date and time: | 2024-08-28 22:19:45 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 18 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | stream |
| Analysis stop reason: | Timeout |
| Sample name: | Caller Left (1) CALL_MSG-4bb9ec5a6600ee4f21fe8196ae247c30 |
| Detection: | CLEAN |
| Classification: | clean0.win@0/0@0/0 |
- Exclude process from analysis (whitelisted): dllhost.exe
- Excluded IPs from analysis (whitelisted): 20.73.194.208
- Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, atm-settingsfe-prod-geo2.trafficmanager.net, slscr.update.microsoft.com, settings-prod-weu-2.westeurope.cloudapp.azure.com, ctldl.windowsupdate.com, settings-win.data.microsoft.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: Caller Left (1) CALL_MSG-4bb9ec5a6600ee4f21fe8196ae247c30
⊘No created / dropped files found
| File type: | |
| Entropy (8bit): | 6.0422609960254094 |
| TrID: | |
| File name: | Caller Left (1) CALL_MSG-4bb9ec5a6600ee4f21fe8196ae247c30 |
| File size: | 33'221 bytes |
| MD5: | 25ee36aaa6343fd83fe31b4c9e961aaf |
| SHA1: | 6fbb0db7da1b5b165589c111ad86a4d2c841c29e |
| SHA256: | 67f0767e57ae3ffb379c69ce33df3599dbaa90cdc04460e32e8fc9b45a852db6 |
| SHA512: | beaa5e74c2c737cf3e35da1db7b03243c594e18f347ebfbecd6f8b7afce3f83d9937b1e8d5ca542ef28df5c20cc8f763f77c9b71382158995f94775969b183e6 |
| SSDEEP: | 768:L9bXVU4abI1T3+CNvbg3mnaSbW5HMTfRumKJ7:L9bXVU4ab6bnaSbWhYfRumKJ7 |
| TLSH: | 36E2FA458FBA4470DA8236ED0D40BD076DB72CEAE4B370C17EBC55570D4B5D94B0BA4A |
| File Content Preview: | X-MS-Exchange-Organization-InternalOrgSender: False..ARC-Seal: i=2; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass;.. b=scJ/rDDTMVKEp++Tmw1v1kjoMXiHdrjKVIVjBP0NpBaHleZeSqHzonXonlbQ4j/LPeFR9weGSgDCcU6/2sF80i3pScKLJnmIAvZ/QNS71aTCmHeRZc67c9OwPmM |
 | |
| Icon Hash: | 74f0e4e4e4e4e0e4 |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node