AppSetupSilent.exe

Status: finished
Submission Time: 2020-04-15 16:23:24 +02:00
Suspicious
Evader

Details

  • Analysis ID:
    222742
  • API (Web) ID:
    342152
  • Analysis Started:
    2020-04-15 16:23:31 +02:00
  • Analysis Finished:
    2020-04-15 16:44:12 +02:00
  • MD5:
    8f19746d42b4d3ee3df4b2d79869cbb9
  • SHA1:
    25a8977104c9f2ce6ae6960f3c43a4aedcdba0b3
  • SHA256:
    1910a2508690d8724ff73776d4eef6bde0193af648873bcb902b6e5ac94e4192
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
suspicious
Score: 29
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
suspicious
Score: 22
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Cmdline fuzzy

URLs

Name Detection
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
http://www.saba.comURLInfoAboutDisplayVersionDisplayIcon
http://ocsp.sectigo.com0
http://www.disoriented.com/p
http://www.symauth.com/rpa00
https://raw.githubusercontent.com/google/double-conversion/master/LICENSE
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
https://sectigo.com/CPS0C
https://sectigo.com/CPS0D
http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s
http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0#
http://www.disoriented.com/
http://www.symauth.com/cps0(
http://ocsp.sectigo.com0$
http://www.saba.com

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\Centra\App\bin\AppLauncher.exe
PE32+ executable (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-process-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\glass.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\fxplugins.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\freetype.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\fontmanager.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\dt_socket.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\decora_sse.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\awt.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-utility-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-time-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-string-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-stdio-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-runtime-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\gstreamer-lite.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-private-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-multibyte-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-math-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-locale-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-heap-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-filesystem-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-environment-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-convert-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-crt-conio-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-util-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-timezone-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jawt.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\lcms.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\ktab.exe
PE32+ executable (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\klist.exe
PE32+ executable (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\kinit.exe
PE32+ executable (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\keytool.exe
PE32+ executable (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jsound.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jrunscript.exe
PE32+ executable (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jli.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jimage.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jfxwebkit.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jfxmedia.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jdwp.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\glib-lite.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\javaw.exe
PE32+ executable (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\javajpeg.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\javafx_iio.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\javafx_font.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\java.exe
PE32+ executable (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\java.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jabswitch.exe
PE32+ executable (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\jaas.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\j2gss.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\instrument.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-sysinfo-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\VoiceEngineLibrary64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\systemhook-windows-amd64.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\proxy_util_ia64.dll
PE32+ executable (DLL) (GUI) Intel Itanium, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\proxy_util_amd64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\package.properties.new
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Roaming\Centra\App\bin\openh264-1.8.0-win64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\npSabaMeetingPlugin4.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\msvcp140.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\mjpeg64\mc_enc_mjpg.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\mjpeg64\mc_dec_mjpg.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\jfxpatch.jar
Java archive data (JAR)
#
C:\Users\user\AppData\Roaming\Centra\App\bin\com.saba.sabameeting.firefox.connector.json
ASCII text
#
C:\Users\user\AppData\Roaming\Centra\App\bin\com.saba.sabameeting.chrome.connector.json
ASCII text
#
C:\Users\user\AppData\Roaming\Centra\App\bin\systemhook-windows-x86.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\Video_OpenH264_64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\Video_MJPEG64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\SmChromeExt.exe
PE32 executable (console) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\Roboto-Regular-webfont.ttf
TrueType Font data, 19 tables, 1st "FFTM", 28 names, Macintosh
#
C:\Users\user\AppData\Roaming\Centra\App\bin\Roboto-Medium-webfont.ttf
TrueType Font data, 19 tables, 1st "FFTM", 32 names, Macintosh
#
C:\Users\user\AppData\Roaming\Centra\App\bin\Roboto-Italic-webfont.ttf
TrueType Font data, 19 tables, 1st "FFTM", 28 names, Macintosh
#
C:\Users\user\AppData\Roaming\Centra\App\bin\PlatformUtils64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\PPTExporter64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\BC_Apphost_NativeLib-win64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\AppSetup.7z
7-zip archive data, version 0.3
#
C:\Users\user\AppData\Roaming\Centra\App\7zDecoder.exe
PE32 executable (console) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-libraryloader-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-synch-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-synch-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-string-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-rtlsupport-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-profile-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-processthreads-l1-1-1.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-processthreads-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-processenvironment-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-namedpipe-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-memory-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-localization-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Local\Temp\FE6973.tmp
ASCII text
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-interlocked-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-heap-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-handle-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-file-l2-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-file-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-file-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-errorhandling-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-debug-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-datetime-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\jre\bin\api-ms-win-core-console-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#
C:\Users\user\AppData\Roaming\Centra\App\bin\vcruntime140.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
#