Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

test2.dll

Status: finished
Submission Time: 2023-03-16 20:43:34 +01:00
Malicious
Trojan
Ursnif

Comments

Tags

Details

  • Analysis ID:
    828211
  • API (Web) ID:
    1195310
  • Original Filename:
    test2.bin
  • Analysis Started:
    2023-03-16 20:44:28 +01:00
  • Analysis Finished:
    2023-03-16 21:00:05 +01:00
  • MD5:
    69a88f93c1ec9c8ecc66b7d19fb4a9aa
  • SHA1:
    74dca80be03ab4dcc6bac81e794b6a02b56c4574
  • SHA256:
    c825d867fb0bf1ba55b89f4bb1c6db13020792ceb175e84fac5f72cfa161726f
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Full Report Management Report IOC Report
malicious
Score: 68
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Full Report Management Report IOC Report
malicious
Score: 68
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Run with higher sleep bypass

Third Party Analysis Engines

Open Full Report
malicious
Score: 27/69
malicious

URLs

Name Detection
http://upx.sf.net

Dropped files

Name File Type Hashes Detection
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_7bde5861e98b2ac3cc37e329f3101f62f0fff922_82810a17_10651bfd\Report.wer
 Unicode text, UTF-16, little-endian text, with CRLF line terminators
 #
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF153.tmp.dmp
 Mini DuMP crash report, 14 streams, Thu Mar 16 19:45:30 2023, 0x1205a4 type
 #
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2AC.tmp.WERInternalMetadata.xml
 XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
 #
Click to see the 3 hidden entries
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF31A.tmp.xml
 XML 1.0 document, ASCII text, with CRLF line terminators
 #
C:\Windows\appcompat\Programs\Amcache.hve
 MS Windows registry file, NT/2000 or above
 #
C:\Windows\appcompat\Programs\Amcache.hve.LOG1
 MS Windows registry file, NT/2000 or above
 #