Register Login

sloganpng

top title background image

pdfdocs.dot

Status: finished

Submission Time: 2020-07-03 08:28:14 +02:00

Malicious

Trojan

Exploiter

Evader

Comments

Tags

Details

Analysis ID:
243145
API (Web) ID:
381995
Analysis Started:

2020-07-03 08:28:31 +02:00
Analysis Finished:

2020-07-03 08:40:37 +02:00
MD5:
0e46607580a1a6cf0ab2aa3233e8d3e6
SHA1:
e23bbc0f5f79dbac2baaea8b1e271e28ac6fc05b
SHA256:
7e152e6cca0c29ee9d7b33dee095ace23324a6ba3ceea2aef76e9592de5ef6de
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 80	System: unknown
	Full Report Management Report IOC Report	malicious Score: 80	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 Run Condition: Potential for more IOCs and behavior
	Full Report Management Report IOC Report	malicious Score: 76	System: unknown Run Condition: Without Instrumentation

URLs

Name	Detection
http://go.micro
http://cs-g2-crl.thawte.com/ThawteCSG2.crl0
http://ocsp.thawte.com0

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{761F6684-4D0C-4100-ACA0-300DC414D9F9}.tmp	data	#
C:\Users\user\AppData\Local\Temp\VBE\MSForms.exd	data	#
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat	ASCII text, with CRLF line terminators	#
Click to see the 3 hidden entries
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\pdfdocs.LNK	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Jan 28 13:45:44 2020, mtime=Tue Jan 28 13:45:44 2020, atime=Fri Jul 3 05:29:08 2020, length=645120, window=hide	#
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm	data	#
C:\Users\user\Desktop\~$dfdocs.dot	data	#