Register Login

sloganpng

top title background image

file.exe

Status: finished

Submission Time: 2023-06-06 17:14:10 +02:00

Malicious

Trojan

Evader

BlackGuard

Comments

Tags

Details

Analysis ID:
882706
API (Web) ID:
1249685
Analysis Started:

2023-06-06 17:17:12 +02:00
Analysis Finished:

2023-06-06 17:24:49 +02:00
MD5:
06c4b26e4b35eefdd3ba47c2a6316f0a
SHA1:
d3af04c23a9b80252445f713a1071f2cf72e6092
SHA256:
663f49a7b12d9ef01a0c3c98892d7c9a204cae1afc7bf134da02510b61195bb5
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 88	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 31/70

malicious

Score: 12/37

malicious

URLs

Name	Detection
http://upx.sf.net

Dropped files

Name	File Type	Hashes	Detection
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_2db7612a235b1823c476f2f7c37c3d2280d4ef70_4149fb10_1ad28681\Report.wer	Unicode text, UTF-16, little-endian text, with CRLF line terminators	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WER68D7.tmp.dmp	Mini DuMP crash report, 15 streams, Wed Jun 7 00:18:22 2023, 0x1205a4 type	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WER73C5.tmp.WERInternalMetadata.xml	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators	#
Click to see the 2 hidden entries
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7462.tmp.xml	XML 1.0 document, ASCII text, with CRLF line terminators	#
C:\Windows\appcompat\Programs\Amcache.hve	MS Windows registry file, NT/2000 or above	#