graphic.vbs

Status: finished
Submission Time: 2022-06-23 23:13:09 +02:00
Malicious
Trojan
Evader
CryptOne

Tags

  • vbs

Details

  • Analysis ID:
    651434
  • API (Web) ID:
    1018938
  • Analysis Started:
    2022-06-23 23:13:10 +02:00
  • Analysis Finished:
    2022-06-23 23:26:23 +02:00
  • MD5:
    d2945c4124e2f89c05a723f7c1ad416d
  • SHA1:
    414faaa0bf15450bc7f84c31024fa8fed26eb156
  • SHA256:
    ac1cad78a2be2e78a05a51cf4d1b5eac2a6b302a40c3f6157496e00b4dcb81cd
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 76
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
104.244.73.88
United States

Domains

Name IP Detection
idontgetitpodcast.com
104.244.73.88

URLs

Name Detection
https://idontgetitpodcast.com/
https://idontgetitpodcast.com/contacting/responsible.dae
http://www.borland.com/namespaces/Types-
http://www.borland.com/namespaces/Types
http://www.borland.com/namespaces/Typesh
http://schemas.xmlsoap.org/soap/encoding/Nhttp://www.borland.com/namespaces/Types
https://idontgetitpodcast.com/contacting/responsible.daem
http://schemas.xmlsoap.org/soap/encoding/
http://www.borland.com/namespaces/TypesR

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\A09278-2768-DE0743-A6FB64083C2\LogicoolTouchPad.exe
PE32 executable (GUI) Intel 80386, for MS Windows
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_LogicoolTouchPad_947d9cf2526790edff1959af95e3e22df417fa27_e28e5cbf_19bbec0b\Report.wer
data
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_LogicoolTouchPad_947d9cf2526790edff1959af95e3e22df417fa27_e28e5cbf_19d14f63\Report.wer
data
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3246.tmp.dmp
Mini DuMP crash report, 14 streams, Thu Jun 23 21:16:44 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4BBB.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB58A.tmp.dmp
Mini DuMP crash report, 14 streams, Thu Jun 23 21:15:06 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC598.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators