Analysis Report ZjmkLmandiant_ioc_finder.exe.sha

Overview

General Information

Joe Sandbox Version: 28.0.0 Lapis Lazuli
Analysis ID: 208467
Start date: 14.02.2020
Start time: 16:06:28
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 2m 9s
Hypervisor based Inspection enabled: false
Report type: full
Sample file name: ZjmkLmandiant_ioc_finder.exe.sha
Cookbook file name: default.jbs
Analysis system description: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113
Number of analysed new started processes analysed: 1
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • EGA enabled
  • HDC enabled
  • AMSI enabled
Analysis stop reason: Timeout
Detection: UNKNOWN
Classification: unknown0.winSHA@0/0@0/0
Cookbook Comments:
  • Adjust boot time
  • Enable AMSI
  • Unable to launch sample, stop analysis
Warnings:
  • Exclude process from analysis (whitelisted): dllhost.exe
Errors:
  • Nothing to analyse, Joe Sandbox has not found any analysis process or sample
  • Corrupt sample or wrongly selected analyzer. Details: 80040153

Detection

Strategy | Score | Range | Reporting | Whitelisted | Detection
Threshold | 0 | 0 - 100 | | false | unknown

Confidence

Strategy | Score | Range | Further Analysis Required? | Confidence
Threshold | 5 | 0 - 5 | false |


Classification

Mitre Att&ck Matrix

No Mitre Att&ck techniques found

Signature Overview



System Summary:

Classification label
Source: classification engine
Classification label: unknown0.winSHA@0/0@0/0

Malware Configuration

No configs have been found

Simulations

Behavior and APIs

No simulations

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label | Link
ZjmkLmandiant_ioc_finder.exe.sha | 0% | Virustotal | | Browse
ZjmkLmandiant_ioc_finder.exe.sha | 0% | Metadefender | | Browse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Memory Dumps

No yara matches

Unpacked PEs

No yara matches

Sigma Overview

No Sigma rule has matched

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


Created / dropped Files

No created / dropped files found

Domains and IPs

Contacted Domains

No contacted domains info

Contacted IPs

No contacted IP infos

Static File Info

General

File type: ASCII text
Entropy (8bit): 4.48427462071106
TrID:
File name: ZjmkLmandiant_ioc_finder.exe.sha
File size: 66
MD5: 4c7d27a6fe59c46196366ac5753244f8
SHA1: 9ae9ce267b1b03cb4d5fda232b68ee734643b61d
SHA256: 8a2ddd429421d45806609fb49ae27e5acecec2cf374c0deec897020a2b35abe6
SHA512: e20f05cfe205bc47b7544bd8872084df21b7703ec51eb8c5ad2a6c6978c7a92756ba5c3cc1224744f45e79a01940114317a0fbfd961d02e8d081af2f66fc0414
SSDEEP: 3:NVTFRd3cYXqTBkFDgaAkdKn:vTFRd3tXSeDgaAUK
File Content Preview: 11826ac848f45e2f9cfd2706515cdd62a2f64b3c mandiant_ioc_finder.exe.

File Icon

Icon Hash: 74f0e4e4e4e4e0e4

Network Behavior

No network behavior found

Code Manipulations

Statistics

System Behavior

Disassembly
