bnerad4129F.xlsm

Status: finished
Submission Time: 2022-10-31 06:37:24 +01:00
Malicious
E-Banking Trojan
Exploiter
Evader
Ursnif Dropper

Details

  • Analysis ID:
    734111
  • API (Web) ID:
    1101450
  • Analysis Started:
    2022-10-31 06:37:25 +01:00
  • Analysis Finished:
    2022-10-31 06:42:39 +01:00
  • MD5:
    1bb0098ce207236e5a4819560e41a954
  • SHA1:
    5bb00ef5548bd03e1e45f9113497a22de0f95fc6
  • SHA256:
    97450cdcaa220328f6daebf774b425277103dbfe08940b1d5da07f6e2d8dbc49
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
72/100

URLs


Dropped files

Name File Type Hashes Detection
C:\Users\user\Desktop\~$bnerad4129F.xlsm
data
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd
data
C:\Users\user\AppData\Local\Temp\~DF31B384211B18428B.TMP
Composite Document File V2 Document, Cannot read section info
C:\Users\user\AppData\Local\Temp\~DFBAA5C34754937DDE.TMP
data