Register Login

sloganpng

top title background image

2Wa2NBpFBj.exe

Status: finished

Submission Time: 2020-11-08 21:35:50 +01:00

Malicious

Comments

Tags

Details

Analysis ID:
311935
API (Web) ID:
525610
Analysis Started:

2020-11-09 05:43:31 +01:00
Analysis Finished:

2020-11-09 05:52:15 +01:00
MD5:
a07d726334600a2595f3ecefc3257e0c
SHA1:
d5227e0fa7351637c826e7a0a32ff8fa2c13c6fd
SHA256:
c4f9ca65e29fd76699bfeed6ccdfd9d7e32a57261e38f73120cef84e20c95721
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 60	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
	Full Report Management Report IOC Report	malicious Score: 60	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 Run Condition: Run with higher sleep bypass

Third Party Analysis Engines

Open Full Report

malicious

Score: 22/43

Open Full Report

malicious

Score: 30/37

malicious

Score: 25/25

malicious

Dropped files

Name	File Type	Hashes	Detection
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_2Wa2NBpFBj.exe_faac571e6f7bf550b15a4961f7d0fe441e7ee667_da88bfd7_07650cef\Report.wer	Little-endian UTF-16 Unicode text, with CRLF line terminators	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF6A8.tmp.dmp	Mini DuMP crash report, 14 streams, Mon Nov 9 04:44:27 2020, 0x1205a4 type	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF89D.tmp.WERInternalMetadata.xml	XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators	#
Click to see the 1 hidden entries
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFA92.tmp.xml	XML 1.0 document, ASCII text, with CRLF line terminators	#