8OKQ6ogGRx.dll

Status: finished
Submission Time: 04.05.2021 18:49:59
Malicious
Trojan
Ursnif

Tags

  • dll

Details

  • Analysis ID: 404147
  • API (Web) ID: 710449
  • Analysis Started: 04.05.2021 18:50:36
  • Analysis Finished: 04.05.2021 18:58:42
  • MD5: e8eae1a820426a722c7cae54ed5bacd8
  • SHA1: 4d8368f112e0c56e7caccb89724bfdad1999e706
  • SHA256: eb498648d17ad5250ab1f38b190dd2da8bfa8db3ee86054db991db79d15ad5cc
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
64/100

Domains

Name | IP
outlook.com | 40.97.161.50
HHN-efz.ms-acdc.office.com | 40.101.138.2
FRA-efz.ms-acdc.office.com | 40.101.81.162
www.outlook.com | 0.0.0.0
outlook.office365.com | 0.0.0.0

Dropped files

Name | File Type
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AE905FC9-AD44-11EB-90E4-ECF4BB862DED}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AE905FCB-AD44-11EB-90E4-ECF4BB862DED}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Temp\~DFFDCA7E35786F02EC.TMP | data
C:\Users\user\AppData\Local\Temp\~DFFF4222CFAFFA654A.TMP | data