Register Login

sloganpng

top title background image

820023.xls

Status: finished

Submission Time: 2020-07-07 17:55:26 +02:00

Malicious

Exploiter

Evader

Hidden Macro 4.0

Comments

Tags

Details

Analysis ID:
243914
API (Web) ID:
383537
Analysis Started:

2020-07-07 17:59:09 +02:00
Analysis Finished:

2020-07-07 18:10:37 +02:00
MD5:
5ecb4d149a71b81c481095518a0cec6c
SHA1:
bf934617b1c61a2989e67e78a1bdbeb723df0ff1
SHA256:
dbd15343224dd3f95dc2163f3c27ec40717e4072c02cdaec86c6a77ca05bf601
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 88	System: unknown
	Full Report Management Report IOC Report	malicious Score: 84	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 Run Condition: Potential for more IOCs and behavior

Third Party Analysis Engines

Open Full Report

malicious

Score: 15/80

malicious

Domains

Name	IP	Detection
asdjgkfwsas.com	0.0.0.0

URLs

Name	Detection
http://asdjgkfwsas.com/plkdmc.exe

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Temp\B3630000	data	#
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\820023.LNK	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Jan 28 13:45:42 2020, mtime=Tue Jul 7 15:00:48 2020, atime=Tue Jul 7 15:00:49 2020, length=850944, window=hide	#
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Read-Only, Directory, ctime=Tue Jan 28 13:33:37 2020, mtime=Tue Jul 7 15:00:48 2020, atime=Tue Jul 7 15:00:48 2020, length=16384, window=hide	#
Click to see the 2 hidden entries
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat	ASCII text, with CRLF line terminators	#
C:\Users\user\Desktop\16630000	Applesoft BASIC program data, first line number 16	#