Windows Analysis Report http://bbowles@boohoffpa.com

Overview

General Information

Sample URL:	http://bbowles@boohoffpa.com
Analysis ID:	438547
Infos:
Most interesting Screenshot:
Errors URL not reachable

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

URL contains potential PII (phishing indication)

Classification

Signatures

Phishing:

URL contains potential PII (phishing indication)

Source: http://bbowles@boohoffpa.com

Sample URL: PII: bbowles@boohoffpa.com

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: classification engine

Classification label: unknown0.win@5/6@0/0

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2C1FA25A-D3C2-11EB-90E5-ECF4BB2D2496}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF74150F8D4F32A3FF.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5908 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5908 CREDAT:17414 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5908 CREDAT:17410 /prefetch:2	Jump to behavior
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5908 CREDAT:17414 /prefetch:2	Jump to behavior

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No contacted IP infos

ID:	438547
Product:	CloudBasic
Start time:	18:26:37
Start date:	22.06.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2C1FA25A-D3C2-11EB-90E5-ECF4BB2D2496}.dat	Microsoft Word Document	8EB1079B51CD33DB3CF22AE56B75ABC8	4E4AA475E01EB5CD3D45833F37D85D2D0A5BBDD4	CF8D6AB5BF20EAF4600B307FD448FA1157BB8827FC789F9AFEF38E4A1C2A9DB3
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2C1FA25C-D3C2-11EB-90E5-ECF4BB2D2496}.dat	Microsoft Word Document	6088E2D39BE843F4CE2992FDD8A133EE	4A83E797E5908D653C08C3D3A196BE15CDD17BEC	83C9F4DF6A47C301B3CB67A4F20104D2A869BA3728DF75822A17B1DEC8A9F5D6
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2C1FA25E-D3C2-11EB-90E5-ECF4BB2D2496}.dat	Microsoft Word Document	6250646F1203F9A99913A823698D9671	2E0FD4C222EC99D7275F42FEB506C67C84B47EA0	5243F6AC09045536AC0DE25E0CA5C7DFF3ABFAC7B2EF928806FB9D5B5D095A56
C:\Users\user\AppData\Local\Temp\~DF00B808E4ADDA9C45.TMP	data	B468C87BB72DF8050A04F09F339D0F80	65351FC6353083B3CFB818B14E268CCA6571A772	99232E8CF2D25105E37CE6144873B39E615EFB6F4F1CD6EE1178A4F99908357C
C:\Users\user\AppData\Local\Temp\~DF3919968C317FF79C.TMP	data	B75377D181884FC9F379E2DF5C4679E2	4B712B3A8A1DF62B1B04161985A3E402FA8A3E02	7FA5B20FC010224B36AD36139C38E623E88D0936F99E8D84F9FBF19861DCCE6A
C:\Users\user\AppData\Local\Temp\~DF74150F8D4F32A3FF.TMP	data	7CA61D296775226EB6A2D7D9F91D7FA1	E34A653C45A291832F540FDDC8F2D97B03C1AA72	0B98324A77FEF4F9471FD0369738C509EC3677E3E9DEBFD43ED899DFBA7DB06C

Windows Analysis Report http://bbowles@boohoffpa.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing:

Compliance:

System Summary:

Screenshots

Behavior Graph

Network Map