33.0.0 White Diamond
IR
498828
CloudBasic
15:14:09
07/10/2021
50.dll
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
03a4adf216161aceabaf8b9cbde58308
5b37a2bdc58279f1f1e31038fff1f859eec76cf6
e0e9821e1c172ee90b6ea27d96a0e9053269fb48bcbe7ec4fb42e048da9f4e8a
Win32 Dynamic Link Library (generic) (1002004/3) 99.60%
true
false
false
false
100
0
100
5
0
5
false
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{391FBB81-27BC-11EC-90E9-ECF4BB862DED}.dat
false
9209EAE3279AC2632916580688128590
901CC40A9F371BA45651EF85872EBBACFB20AFC3
12BBBDF5F2B1BC161F903CFE8EE991C037F3E162053DCD0225127A6DB15D724D
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{531DF9CA-27BC-11EC-90E9-ECF4BB862DED}.dat
false
152CAA28B65E3A45B85101AE5126DC5D
294F05F91972C1B70894BE60A591AFBFF4903038
D542F8D642B5E28208759CC5CCA3CD784EC922A056CFE093881CDBD2ED366898
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{57B5605C-27BC-11EC-90E9-ECF4BB862DED}.dat
false
9F9833212C5E9817F794703F10445DEF
26F8E909E6680294702D19E1BAFFFA065E7B1FB2
7356A72ECD8003BCACFBB6932A60F2094B87B4EA1A4DA6489F09CEDC45B80DC4
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{60EB543E-27BC-11EC-90E9-ECF4BB862DED}.dat
false
72ECE26DBB9A78B7E7B10E6A7EB18E12
4200701E0E0A8B97EB84275D2F3179A6A71889DA
0C005DC1275F8B3743AB25E3F01FE3073DE2DEDF9D4C25320CC1B525B5EE00C3
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{654BE4A9-27BC-11EC-90E9-ECF4BB862DED}.dat
false
A2DA837EF8E44D6066F39FC2C5AB8344
A2163278AE2B2DDCFCDD3407F8C3D2245D14272D
2CB6FAD41B545B9DEE032D3EE9E55A05522529FC56B133E92F88A6866BD53487
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{391FBB83-27BC-11EC-90E9-ECF4BB862DED}.dat
false
C0F79B2CFBB0EF0E29C18856F7AF8A5E
2FFAA171EA1F12D3F51B4E5BF859371A355317AA
094721AB6B007155A44DE1A5858ACD3262868CCC4514AD563D26303D6AD61A08
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{531DF9CC-27BC-11EC-90E9-ECF4BB862DED}.dat
false
52BA7C2A651F7BE462F5658189C9D057
79024D0C933882D0E7A36B87C8EE4BDA14EAD041
07A30F5B29F2FED1F44D84F99FDB7D03BC00B877CA25290D9FB9BC16F667D935
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{57B5605E-27BC-11EC-90E9-ECF4BB862DED}.dat
false
B5DEB904336437E2DEBDDBC23C6055FF
6B48F712B640701E43E03F922F9D8DFC85DE63A8
96051E804562B509D1BF8F7B5FA6C03EDAF7F248AAD674C9323057E2B779CE5E
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{60EB5440-27BC-11EC-90E9-ECF4BB862DED}.dat
false
A6C76D6C29F8165E5A1FFDB71D60871C
9CAD9FC162A428A1A9A6D9760079492A5A385540
38ADFB366FD3E4FA4E805236EE100687873D74D3779716623C725C4015B2E399
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{654BE4AB-27BC-11EC-90E9-ECF4BB862DED}.dat
false
02CD78794142B261DFC91EA448CCBF31
543870E71426C5AAF61836B584812A96B9E6A446
29D605E80CEEE45B9531561FD1910753D35A9B9238FD2BE55A41AB0DC85C3B12
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
false
2B16AADA42D1B1D5A38A03CFF0AC0DA7
46A5FB0C844FE8DC7B3189ECCDF7091BC9550DBE
170D75FDE23833A80C9BE56DD29A61A22FA7C68563E8A3D5F816D09580ACB2E7
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
false
F61301BB91342CC794746636BB5771D2
A59399DD7FFC48C9F636B202C53758F1C5956FF3
85B84EC1AE06E8333B53F5B9C74A525C0980CDD4BC1AB3EBDAA46F6FBEEDC6D7
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
false
A9536414C0EC35670D89764EF1AC7B7C
EE58FB2E9E2A1755578E27938BDF2D9CEF4161F8
5C6C57F02BEF2FE1C748E86D168D43F43F3969F92EDB9D74545A480AEFD4AAC4
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
false
2AD0C9D4415C7FFF68B643E23220411F
76863C2FCAB19A75D0A19B1C4551C180BCDD377A
F220F1DFC7E20643FED56720271FE6EE251F8671B3A71B60173436B08BA008C5
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
false
15230B4213E11682E3FC025BE12A7100
68AB26F9E75F0340B158696F0FFE31A5462425CC
7C9A3A595A2A9C537C52ADC0739EB4407D775479578A7BDA9439C7064725EB46
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
false
F0AB12241C4580B19982A410A9A04A04
73ED57DA5C0701DFA71BF6D484A898F0AB41FC4B
09C0B7AF4F6829D3F74ADFA0CBC2A938D0A0302C4CF0606252CD642EEBA0EFB5
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
false
3C555F3DD99378421AE73BDD90AF9A5A
7AAC028E56FAF91971828036EDD350FCDE42E418
61AAA0C2A330052756F58C2841B372FA9E7A92ED8C894BC04EDC729D2C08527B
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
false
125E062B512CDE919E9736470AF2B0EE
2B3DFB992B0DF64691C3FAEFBCDF12B9FDAFE49C
E59B9F4CA80C0EEA35586C0C593C04188618B97A96080374800B1A8FDCBBA4C8
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
false
53F94EFBA358D9AB4FC69DD095D0EEF8
E2347A13E23FB9EF3574D612BC7E205482C657F7
79C76FA69C53DC7E4E418C9064BC945EAF85B610248A0456A2DBB865205A31C2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\NewErrorPageTemplate[1]
false
DFEABDE84792228093A5A270352395B6
E41258C9576721025926326F76063C2305586F76
77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\dnserror[1]
false
2DC61EB461DA1436F5D22BCE51425660
E1B79BCAB0F073868079D807FAEC669596DC46C1
ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\errorPageStrings[1]
false
D65EC06F21C379C87040B83CC1ABAC6B
208D0A0BB775661758394BE7E4AFB18357E46C8B
A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\httpErrorPagesScripts[1]
false
9234071287E637F85D721463C488704C
CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152
65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\dnserror[1]
false
2DC61EB461DA1436F5D22BCE51425660
E1B79BCAB0F073868079D807FAEC669596DC46C1
ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\down[1]
false
C4F558C4C8B56858F15C09037CD6625A
EE497CC061D6A7A59BB66DEFEA65F9A8145BA240
39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\NewErrorPageTemplate[1]
false
DFEABDE84792228093A5A270352395B6
E41258C9576721025926326F76063C2305586F76
77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dnserror[1]
false
2DC61EB461DA1436F5D22BCE51425660
E1B79BCAB0F073868079D807FAEC669596DC46C1
ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\down[1]
false
C4F558C4C8B56858F15C09037CD6625A
EE497CC061D6A7A59BB66DEFEA65F9A8145BA240
39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\errorPageStrings[1]
false
D65EC06F21C379C87040B83CC1ABAC6B
208D0A0BB775661758394BE7E4AFB18357E46C8B
A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\httpErrorPagesScripts[1]
false
9234071287E637F85D721463C488704C
CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152
65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\down[1]
false
C4F558C4C8B56858F15C09037CD6625A
EE497CC061D6A7A59BB66DEFEA65F9A8145BA240
39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\httpErrorPagesScripts[1]
false
9234071287E637F85D721463C488704C
CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152
65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
false
3873E593E1934969F5926C13BFEE66F9
3B82F081F2FBEDFC8B86988B4DA73505E76268A9
235FC7D5B4516318DD3F5EB58BA6DA1BF2E99430B422D02DE391CF681D223D8C
C:\Users\user\AppData\Local\Temp\~DF0FD44A9046836784.TMP
false
4424ED0732D7B13F792CA43D85C5537E
52BEC0FAAF21A348BE6EF0A7A1950CC02AE0F761
F031C482728659DF537260765815F088CE7262656AF8A1274D08B5BA5F161EEC
C:\Users\user\AppData\Local\Temp\~DF1FC87509FACB1AE5.TMP
false
105FC8363C4F2B383C9D87AE12D3B6F7
3946A1DC57A770DE2BFD3A0F5C46B952CBBED388
0A6ECFE1EFF015E01B8387814C892C65B77CFF09661DFDB14823091422AFDBB5
C:\Users\user\AppData\Local\Temp\~DF3A2D95194B6E56C4.TMP
false
8DD8549101EA31B20DE9CAA33E494DEF
6B63C1D3F92DF9A0D4056827F43DA55B7968AB27
AB53172A6B0839E568EC4F72515E36FE14C54670218CA2238D435DA449E54B72
C:\Users\user\AppData\Local\Temp\~DF4BC159430978B235.TMP
false
ADAD04E19A7B2F0F98CCBA72C3109DD7
F8B70831718581E7522EC400D1101029D7B77DA6
4CF8C5D721114247B9A827B31452B34BA3B7463C443D837AA77264891A789DAA
C:\Users\user\AppData\Local\Temp\~DF614A578B8A0039D2.TMP
false
01837F3500E010DA204417219CF40F3A
5300E7DD0E93ED6186C6604D346DAC648BC3D576
0BB4C60955DAF7AB952609C2F12E49CC7A81DF2DDF4B22F8E2BB143CEF6D65A6
C:\Users\user\AppData\Local\Temp\~DF724E8AB2918CB9FB.TMP
false
50426BF40EB19BE2D8AB973861D3B862
05C7AC8B548A968350A1B8046A7555AEAF45FACC
E295AAB9E9B30391591F2C741AA48C9EB4B614C519209A35AA20A0917B34B44A
C:\Users\user\AppData\Local\Temp\~DF91CFCEBEAE749A87.TMP
false
D3E17153E374EB42DA249B89E19CCC9D
E431E2356EBC6C6DCC3A6C66E7241FC005C237D9
D48ED09CCF435C020B708552DA0223E604B23A2B888585C90C3480BF96A2DA08
C:\Users\user\AppData\Local\Temp\~DF9E71909E92B794F9.TMP
false
CF5E1077CA891CB0FC5A5371994EA7A4
DC4D89A6D8F0803F1A37F0C4C5E8955905DE1C7C
BB1A7A0C2CB3B83B25BEC3BAE7C21B6660BA03D91EAC929055DA7F5D5E4BA02A
C:\Users\user\AppData\Local\Temp\~DFB26ED506A2ACFD75.TMP
false
6363274396A80C0D545ACDE52E13C6CC
69BC5DCAB07B01B1AF12F4266EDDFF88C199B20E
D175243C58EF103FD15B57BF0F68B84E3D6B3CB550A72DBC807084540C39F571
C:\Users\user\AppData\Local\Temp\~DFE194E450F56592B9.TMP
false
3BC585FD3C5B18CA6438E27A656EFC7D
D6AA2B2A21658F630E1BA65A3D11800BC768F524
FE8D12052AE9E3EB0F9485215C9C743D40A78C4B61ACF850280F282E33371013
87.106.18.141
api10.laptok.at
true
87.106.18.141
golang.feel500.at
true
unknown
Found malware configuration
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Multi AV Scanner detection for submitted file
Writes or reads registry keys via WMI
Yara detected Ursnif
Antivirus / Scanner detection for submitted sample
Writes registry values via WMI
Multi AV Scanner detection for domain / URL