top title background image

bnerad4129F.xlsm

Status: finished

Submission Time: 2022-10-31 06:37:24 +01:00

Malicious

E-Banking Trojan

Exploiter

Evader

Ursnif Dropper

Comments

Tags

Details

Analysis ID:
734111
API (Web) ID:
1101450
Analysis Started:

2022-10-31 06:37:25 +01:00
Analysis Finished:

2022-10-31 06:42:39 +01:00
MD5:
1bb0098ce207236e5a4819560e41a954
SHA1:
5bb00ef5548bd03e1e45f9113497a22de0f95fc6
SHA256:
97450cdcaa220328f6daebf774b425277103dbfe08940b1d5da07f6e2d8dbc49
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 72	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

URLs

Name	Detection
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML//BneUploaderService?bne:tickleSession=Truem:443/
http://www.oracle.com/bne
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML//
Click to see the 8 hidden entries
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML/BneComponentServiceos.lk
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML/BneUploaderServiceeos.lk
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML/
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML/BneDownloadServiceeos.lk(
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML/BneDownloadServiceeos.lk(FM51SOK4ODFJXCML07W7O8HY1PLOC
https://ebs-prd.eos.lkqeurope.
https://ebs-prd.eos.lkqeurope.com:443/OA
https://ebs-prd.eos.lkqeurope.com:443/OA_HTML/BneApplicationService

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\Desktop\~$bnerad4129F.xlsm	data	#
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd	data	#
C:\Users\user\AppData\Local\Temp\~DF31B384211B18428B.TMP	Composite Document File V2 Document, Cannot read section info	#
Click to see the 1 hidden entries
C:\Users\user\AppData\Local\Temp\~DFBAA5C34754937DDE.TMP	data	#