Register Login

sloganpng

test2.dll

Status: finished

Submission Time: 2023-03-16 20:43:34 +01:00

Malicious

Trojan

Ursnif

Comments

Tags

Details

Analysis ID:
828211
API (Web) ID:
1195310
Original Filename:
test2.bin
Analysis Started:

2023-03-16 20:44:28 +01:00
Analysis Finished:

2023-03-16 21:00:05 +01:00
MD5:
69a88f93c1ec9c8ecc66b7d19fb4a9aa
SHA1:
74dca80be03ab4dcc6bac81e794b6a02b56c4574
SHA256:
c825d867fb0bf1ba55b89f4bb1c6db13020792ceb175e84fac5f72cfa161726f
Technologies:

Engines
IOCs

Full Report	Management Report	IOC Report	Engine	Info	Verdict	Score	Reports

				System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211		68/100
				System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211 Run Condition: Run with higher sleep bypass		68/100
						27/69

URLs

Name	Detection
http://upx.sf.net

Dropped files

Name	File Type	Hashes	Detection
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_7bde5861e98b2ac3cc37e329f3101f62f0fff922_82810a17_10651bfd\Report.wer	Unicode text, UTF-16, little-endian text, with CRLF line terminators	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF153.tmp.dmp	Mini DuMP crash report, 14 streams, Thu Mar 16 19:45:30 2023, 0x1205a4 type	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2AC.tmp.WERInternalMetadata.xml	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators	#
Click to see the 3 hidden entries
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF31A.tmp.xml	XML 1.0 document, ASCII text, with CRLF line terminators	#
C:\Windows\appcompat\Programs\Amcache.hve	MS Windows registry file, NT/2000 or above	#
C:\Windows\appcompat\Programs\Amcache.hve.LOG1	MS Windows registry file, NT/2000 or above	#