top title background image

EmergencyContact.xlsm

Status: finished

Submission Time: 2020-03-27 18:26:19 +01:00

Malicious

Trojan

Exploiter

Evader

Comments

Tags

Details

Analysis ID:
218575
API (Web) ID:
334054
Analysis Started:

2020-03-27 18:28:17 +01:00
Analysis Finished:

2020-03-27 18:36:10 +01:00
MD5:
54515bed8a73f41aad6b75d7fd4fec5f
SHA1:
c5b151edcd96c966fd8cd7c9c6a500186485fd7b
SHA256:
f4ac9d3d03ba1b812ab00a141b054d8e5e719fcbd55f2955353ec402c08534aa
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: unknown

IPs

IP	Country	Detection
119.28.234.224	China
170.106.11.8	Singapore

Domains

Name	IP	Detection
march262020.com	119.28.234.224
march262020.club	170.106.11.8
march262020.live	162.255.119.36
Click to see the 3 hidden entries
parkingpage.namecheap.com	198.54.117.216
march262020.best	0.0.0.0
www.march262020.live	0.0.0.0

URLs

Name	Detection
http://march262020.site/post.php
http://www.march262020.live/post.phpAS
http://march262020.club/post.php
Click to see the 13 hidden entries
http://march262020.live/post.phpcs
http://march262020.store/post.php
http://www.march262020.live/post.php
http://www.march262020.live/post.phph
http://march262020.club/files/app.bin
http://www.march262020.live/post.php-
http://march262020.live/post.php
http://march262020.com/post.php
http://march262020.best/post.php
http://march262020.network/post.php
http://march262020.tech/post.php
http://march262020.online/post.php
http://march262020.live/post.phpU

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KEOF6EJ\app[1].bin	empty	#
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\8C257964.jpeg	empty	#
C:\Users\user\AppData\Roaming\Imed\tufi.exe	empty	#
Click to see the 2 hidden entries
C:\Users\user\Desktop\~$EmergencyContact.xlsm	empty	#
C:\cYNhYPc\mVVJuWs\FTBSEIi.exe	empty	#