Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

iJdlvBxhYu.dll

Status: finished
Submission Time: 2021-05-04 18:51:39 +02:00
Malicious
Trojan
Ursnif

Comments

Tags

  • dll
  • geo
  • Gozi
  • ISFB
  • ITA
  • Ursnif

Details

  • Analysis ID:
    404149
  • API (Web) ID:
    710453
  • Analysis Started:
    2021-05-04 18:51:40 +02:00
  • Analysis Finished:
    2021-05-04 19:00:29 +02:00
  • MD5:
    18d613d02eaf8d339feebb21f578f329
  • SHA1:
    01ea39853139ccfe82f0bd19f8963d3ccebf8e8a
  • SHA256:
    bd43f7bc23a76b086a81b8e6fcd4355cac648d3f7d9a941d9aa259def534d5b1
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 60
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
52.97.150.2
 United States
40.97.128.194
 United States
52.97.201.82
 United States

Domains

Name IP Detection
outlook.com
 40.97.128.194
HHN-efz.ms-acdc.office.com
 52.97.150.2
FRA-efz.ms-acdc.office.com
 52.97.201.82
Click to see the 2 hidden entries
www.outlook.com
 0.0.0.0
outlook.office365.com
 0.0.0.0

URLs

Name Detection
https://outlook.office365.com/login/greed/dTdjBCYANBp89r_2BxCJb/gK6KRSDvLFl65FiM/sVGCJkg_2FiGctf/t6M
http://outlook.com/login/greed/dTdjBCYANBp89r_2BxCJb/gK6KRSDvLFl65FiM/sVGCJkg_2FiGctf/t6MCq4h_2BQjlakLCK/wiH0Ze_2B/jucB0Ra6kWTVhbib9MO1/jbq6SBoLka4DWlxdGWZ/y4sF0OuALvDiDjUoj2_2B_/2FCnNAucowWTY/QocXWkvP/dNKrsXhuwJ0UrXUCqZRpNCx/r6rZ7E04g_/2B8ZRdIhu4yR4YZKp/tqA3A0JYvM/21FVchV.gfk

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C4CF6A27-AD44-11EB-90E5-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C4CF6A29-AD44-11EB-90E5-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
 ASCII text, with CRLF line terminators
 #
Click to see the 2 hidden entries
C:\Users\user\AppData\Local\Temp\~DF0D80EB75D4D79339.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF222070F69DD5E09D.TMP
 data
 #