gg.gif.dll

Status: finished

Submission Time: 2021-04-06 09:42:28 +02:00

Malicious

Trojan

Ursnif

Comments

Details

Analysis ID:
382555
API (Web) ID:
667249
Analysis Started:

2021-04-06 09:50:06 +02:00
Analysis Finished:

2021-04-06 10:00:43 +02:00
MD5:
75ffb2cb4faff68f2649a4f6f16840d9
SHA1:
543803cbfad26ff1e538e0843161ef6729ff3a85
SHA256:
db9ede8dfbecb23b804cd592eeb7500e397ade3bc1fa01551a912ae572cda8b3
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 84	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

Score: 25/48

IPs

IP	Country	Detection
185.243.114.196	Netherlands

Domains

Name	IP	Detection
urs-world.com	185.186.244.95
under17.com	185.243.114.196
login.microsoftonline.com	0.0.0.0

URLs

Name	Detection
https://www.msn.com/de-ch/nachrichten/politik/coronakrise-laschet-fordert-harten-br
http://under17.com/joomla/qpONlUc_2Fx9bGWS/jLOColZsxiS4Q8t/VbkMaKiMRHZwpzblKX/6AI6KdKhU/1fj0ddZRJ_2F
http://feross.org
Click to see the 23 hidden entries
https://www.msn.com/de-ch/news/other/pentagon-usa-beobachten-russlands-aktivit
https://www.msn.com/de-ch/finanzen/top-stories/datenleck-bei-facebook-wachstum-z
https://www.msn.com/de-ch/news/other/ressourcen-f
https://www.msn.com/de-ch/nachrichten/international/admirale-begehren-auf-gegen-das-verr
https://www.msn.com/de-ch/nachrichten/international/ukrainekonflikt-maas-warnt-russland-und-ukraine-
https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e
https://www.msn.com/de-ch/nachrichten/politik/fdp-nur-keine-option-von-vornherein-ausschlie
https://www.msn.com/de-ch/finanzen/top-stories/staatliche-regulierung-allianz-gegen-big-tech-druck-a
https://www.msn.com/de-ch/nachrichten/other/karl-lauterbach-der-blitzableiter-der-republik/ar-BB1fiI
https://www.msn.com/de-ch/news/other/polizei-sucht-mit-superpuma-nach-vermissten-minderj
https://www.msn.com/de-ch/nachrichten/politik/l
http://under17.com
https://www.msn.com/de-ch/nachrichten/politik/manfred-weber-nennt-eu-beitritt-der-t
https://www.msn.com/de-ch/nachrichten/international/alexej-nawalny-klagt-
https://www.msn.com/de-ch/nachrichten/vermischtes/nachtleben-in-israel-eine-nacht-wie-fr
https://www.msn.com/de-ch/nachrichten/politik/das-alles-h
https://www.msn.com/de-ch/nachrichten/vermischtes/die-altersheime-hat-man-vergessen/ar-BB1fkRPW?ocid
https://www.msn.com/de-ch/news/other/abdullah-sollte-von-erdogan-lernen/ar-BB1fktw7?ocid=BingHPC
https://www.msn.com/de-ch/nachrichten/international/es-h
https://www.msn.com/de-ch/nachrichten/international/so-tickt-kosovos-neue-staatspr
http://under17.com/joomla/b5_2FTUcdYX/sVnNArBfX_2BDo/zZv_2Fbn6M53QxtrfT64W/tg0Mz_2FW77FnY1h/4P95tKyS
https://www.msn.com/de-ch/finanzen/top-stories/janet-yellen-us-finanzministerin-fordert-weltweite-mi
https://www.msn.com/de-ch/news/other/das-grosse-impfen-beginnt-geht-es-nun-endlich-vorw

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\bLULVERLX4vU6bjspboNMw9vl_0.gz[1].js	very short file (no magic)	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\th[5].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\th[4].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 150x150, frames 3	#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\th[3].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\th[2].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\th[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\pXscrbCrewUD-UetJTvW5F7YMxo.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ozS3T0fsBUPZy4zlY0UX_e0TUwY.gz[1].js	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\lK_FmcR4naKX9hpIwfe9ify1hf4.gz[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\k5oM71-Oyo7w7ptkcB_2S5dIr7I.gz[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\gDsOfTXNZVl18jxNDvhXqAdf2tM.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\errorPageStrings[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\th[6].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\XvRHqJwJt19aXQca73hQTfvNMxk[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ULJCe4CXM2DCjZgELMGm2K4PcPo[1].png	PNG image data, 1642 x 116, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Passport[1].htm	HTML document, ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\NewErrorPageTemplate[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\N55Tc-oLNOuzZam9OghLsR0GD5U[1].jpg	[TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=GIMP 2.10.18, datetime=2020:04:16 19:04:38], progressive, precision 8, 160x160, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\MstqcgNaYngCBavkktAoSE0--po.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Lq2ZTcK-ZOpjsEJIXReQZG4mDLg.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\KC_nX2_tPPyFvVw1RK20Yu1FyDk[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Jl2vUSlEIqWjk-99MuYp4W74zvQ[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\5rqGloMo94v3vwNVR5OsxDNd8d0[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\uYzy_SF_Qx-quOm8IecsaqSoOd0[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\n1U5gwBiwMo7s-fWOh2kSe3Kils[1].jpg	[TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:07:31 17:53:43], progressive, precision 8, 160x160, frames 3	#
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\th[7].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\th[6].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\th[5].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\th[4].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\th[3].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\th[2].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\th[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1920x1080, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\swyt_VnIjJDWZW5KEq7a8l_1AEw.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\sTWC0LplwPyIP_jw8VjHps800ZQ.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\n_C4vBfAV3O9RfkGjfduaZoxjAs[1].jpg	[TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:08:01 11:40:12], progressive, precision 8, 160x160, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\n8-O_KIRNSMPFWQWrGjn0BRH6SM.gz[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\th[3].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\hqx6FcD0hjfzrON5oLgx2RMMD1s.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\eaMqCdNxIXjLc0ATep7tsFkfmSA.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\eRYlUYIMYsB_Pt8B7FTik-pl5cs.gz[1].js	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\cs[1].htm	gzip compressed data, max speed, from TOPS/20	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\RXZtj0lYpFm5XDPMpuGSsNG8i9I.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\NewErrorPageTemplate[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\GiGr-rA9TBhE2c3LJn7PvDweiOo.gz[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Fsa_OI0AplCnVoXGca8ALOo0S0s[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\DCD2HH6I.htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\CMm2G4GK3T9XHTMByeN2QI1OVUs[1].jpg	[TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:07:31 17:51:08], progressive, precision 8, 160x158, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\4L4QdyjTv0HYE2Ig2ol9eYoqxg8[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\NGDGShwgz5vCvyjNFyZiaPlHGCE.gz[1].js	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\th[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\svI82uPNFRD54V4bMLaeahXQXBI.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\sjm7ZxOOdUKgLq2Lulikx_Lt20I.gz[1].js	exported SGML document, ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\hceflue5sqxkKta9dP3R-IFtPuY.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fdVZU4ttbw8NDRm6H3I5BW3_vCo[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\favicon-2x[1].ico	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\errorPageStrings[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dnserror[1]	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\a282eRIAnHsW_URoyogdzsukm_o.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\PA3TC2iNXZkiG2C3IJp5VAvC_yY.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\NnFHhz2jL6yzChtIhaB5IIVKY5k[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\th[2].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\JDHEvZVDnqsG9UcxzgIdtGb6thw.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BJp5dDFvoQm12CHBfp4PC6aiyg4.gz[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\6sxhavkE4_SZHA_K4rwWmg67vF0.gz[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EA9F6202-96AC-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EA9F6200-96AC-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1C24251D-96AD-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{05FE9155-96AD-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{05FE9153-96AD-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EA9F61FE-96AC-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1C24251B-96AD-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\UYtUYDcn1oZlFG-YfBPz59zejYI[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\th[2].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\th[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1920x1080, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\test[1].htm	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sbi[1].htm	HTML document, ASCII text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\msnpopularnow[1].json	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\model[1].json	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\kBH4DSEA84cgV7IKw7_Bwvm2NpI[1].jpg	[TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:07:31 17:58:04], progressive, precision 8, 160x160, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\dnserror[1]	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\b4Jy0kwhnsWcsDQyuzAEsN7RmhQ[1].jpg	[TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:07:31 17:59:08], progressive, precision 8, 160x160, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Xp-HPHGHOZznHBwdn7OWdva404Y.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{05FE9151-96AD-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\RrvsBuqGHDpqG7NAz4Q0BMOqQBg.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\P3LN8DHh0udC9Pbh8UHnw5FJ8R8.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\MDr1f9aJs4rBVf1F5DAtlALvweY.gz[1].js	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\LL4BV3XU.htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\HdepnBaFj-yarvouFUIlfV4Q9D8.gz[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\H_VmuFPRwWZ4UrVl0mPztnf3z5U[1].jpg	[TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:08:01 11:38:22], progressive, precision 8, 160x160, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ELqKWpA6KkapLUFbOLS-IQ2zfXc[1].jpg	[TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:08:01 11:43:45], progressive, precision 8, 160x160, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\th[6].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\th[5].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\th[4].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 150x150, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\th[3].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 150x150, frames 3	#

gg.gif.dll

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

gg.gif.dll Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

gg.gif.dll