Windows
Analysis Report
17280510201784775850d23bd558ec024e3250b5315ffa4fe93a8080528c0d0b1d2256a805656.dat-decoded.exe
Overview
General Information
Sample name: | 17280510201784775850d23bd558ec024e3250b5315ffa4fe93a8080528c0d0b1d2256a805656.dat-decoded.exe |
Analysis ID: | 1525922 |
MD5: | 90d879a8942148ec889045a1d45a1652 |
SHA1: | 81ed6a4c530c1f9b1b0fbdaa9d38d7b18da28a97 |
SHA256: | 2c83051e7db512a79affd3a6571738c5f7aeddfa59a43f57252862f8fa4171d1 |
Tags: | base64-decodedexeuser-abuse_ch |
Errors
|
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | Classification label: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | ReversingLabs |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1525922 |
Start date and time: | 2024-10-04 16:37:19 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 1m 47s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 1 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | 17280510201784775850d23bd558ec024e3250b5315ffa4fe93a8080528c0d0b1d2256a805656.dat-decoded.exe |
Detection: | UNKNOWN |
Classification: | unknown0.winEXE@0/0@0/0 |
Cookbook Comments: |
|
- No process behavior to analyse as no analysis process or sample was found
- Corrupt sample or wrongly selected analyzer. Details: The image file %1 is valid, but is for a machine type other than the current machine.
- Exclude process from analysis (whitelisted): dllhost.exe
- VT rate limit hit for: 17280510201784775850d23bd558ec024e3250b5315ffa4fe93a8080528c0d0b1d2256a805656.dat-decoded.exe
File type: | |
Entropy (8bit): | 6.94625914600276 |
TrID: |
|
File name: | 17280510201784775850d23bd558ec024e3250b5315ffa4fe93a8080528c0d0b1d2256a805656.dat-decoded.exe |
File size: | 271'030 bytes |
MD5: | 90d879a8942148ec889045a1d45a1652 |
SHA1: | 81ed6a4c530c1f9b1b0fbdaa9d38d7b18da28a97 |
SHA256: | 2c83051e7db512a79affd3a6571738c5f7aeddfa59a43f57252862f8fa4171d1 |
SHA512: | 3a223be6084ba2dc8039b5f65d192fe5b28ffcc28115bb1abc6ffafe61fdbd932de8bdec0db6d23385e733d00dac2bf75fd1dc2da1446ad5737ef8b1831a3837 |
SSDEEP: | 6144:82AmY38ZLe04vQVMIETPZtel2sZhByJY6fC7wSROBoz:TvY2LeHvyTWMhZhBEhC7BRp |
TLSH: | C6446D02B147E282E8DF5FB6A32B5BF24B73353174140C8BDB0E6D3639B94913265A5B |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...0.N....?...?...0.N....?..U ...0.N...>#...?...0.N....?...V...0.N...Rich.?..........................PE..L......f............ |
Icon Hash: | 90cececece8e8eb0 |