Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

BL_SGN11203184.xlsx

Status: finished
Submission Time: 2021-06-10 15:02:23 +02:00
Malicious
Trojan
Exploiter
Evader
GuLoader

Comments

Tags

  • VelvetSweatshop
  • xlsx

Details

  • Analysis ID:
    432590
  • API (Web) ID:
    800184
  • Analysis Started:
    2021-06-10 15:16:10 +02:00
  • Analysis Finished:
    2021-06-10 15:23:14 +02:00
  • MD5:
    06eb9a2b3d7113604968b87722ed242a
  • SHA1:
    2a6929b76b8b69a4e3a3766881280c63af765cb1
  • SHA256:
    1554d0f1b36381c9a323749cd62b7870c8273d8020fc81df09cb159a3bb84acc
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 100
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)

Third Party Analysis Engines

Open Full Report
malicious
Score: 11/88
Open Full Report
malicious
Score: 11/35
malicious
Score: 17/29
malicious

IPs

IP Country Detection
103.155.82.236
 unknown

URLs

Name Detection
http://103.155.82.236/fksdoc/svchost.exe
https://www.pos.nblwarehouse.my.id/bin_GgrWeMMq137.bin, http://benvenuti.rs/wp-co
http://www.day.com/dam/1.0

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\svchost[1].exe
 PE32 executable (GUI) Intel 80386, for MS Windows
 #
C:\Users\user\Desktop\~$BL_SGN11203184.xlsx
 data
 #
C:\Users\Public\vbc.exe
 PE32 executable (GUI) Intel 80386, for MS Windows
 #
Click to see the 13 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\1E4E0F48.png
 PNG image data, 476 x 244, 8-bit/color RGB, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\21A36D14.png
 PNG image data, 1686 x 725, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\221576A9.png
 PNG image data, 566 x 429, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\5AE1779F.jpeg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 191x263, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\79B68205.png
 PNG image data, 1268 x 540, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\7A9F521.jpeg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 191x263, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\8E0CA1A0.png
 PNG image data, 399 x 605, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\988F9842.png
 PNG image data, 476 x 244, 8-bit/color RGB, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\B8598AE.png
 PNG image data, 1686 x 725, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\B99C14D7.png
 PNG image data, 1268 x 540, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D467075B.png
 PNG image data, 566 x 429, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\DEDF5C96.png
 PNG image data, 399 x 605, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\F77229A3.emf
 Windows Enhanced Metafile (EMF) image data version 0x10000
 #