powerzeus_1.0.2.0.dll

Status: finished
Submission Time: 2020-07-19 20:17:46 +02:00
Malicious

Tags

  • powerzeus

Details

  • Analysis ID:
    247113
  • API (Web) ID:
    389880
  • Analysis Started:
    2020-07-19 21:27:41 +02:00
  • Analysis Finished:
    2020-07-19 21:33:34 +02:00
  • MD5:
    58bebe685a0b35149cf7f1daf059f3fa
  • SHA1:
    50b8e32336e850b7e0b0a70734270db29ea168bc
  • SHA256:
    442b1971e92aefeb93774a13cd2ca15f7f8e9dad99303f1c832bd62f10e30ed2
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 60
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 59/72
malicious
Score: 23/39
malicious
Score: 22/25
malicious

IPs

IP Country Detection
1.0.2.0
China

Dropped files

Name File Type Hashes Detection
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_rundll32.exe_fabd1ad9f09a33c195e3aa93b1dfc347b66eb5d_82810a17_14a91888\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WER34A.tmp.dmp
Mini DuMP crash report, 14 streams, Mon Jul 20 04:29:09 2020, 0x1205a4 type
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA50.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC84.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
#