Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

5.dll

Status: finished
Submission Time: 2021-07-07 10:40:22 +02:00
Malicious
Trojan
Ursnif

Comments

Tags

  • dll

Details

  • Analysis ID:
    445164
  • API (Web) ID:
    812753
  • Analysis Started:
    2021-07-07 10:40:23 +02:00
  • Analysis Finished:
    2021-07-07 10:50:36 +02:00
  • MD5:
    fceb6a51be4205d11be1491f6e263cae
  • SHA1:
    0abb60d37fac49912172c5385ff58e049520eb53
  • SHA256:
    c521dd937ce9b2e8bda2fa915bae5b5be0e150a8b82e3b2bfb1cdbc60a8326c4
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Full Report Management Report IOC Report
malicious
Score: 84
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report
malicious
Score: 15/67

IPs

IP Country Detection
40.101.137.98
 United States
52.97.152.210
 United States
52.97.144.2
 United States
Click to see the 2 hidden entries
52.97.233.2
 United States
40.97.116.82
 United States

Domains

Name IP Detection
outlook.com
 40.97.116.82
HHN-efz.ms-acdc.office.com
 40.101.137.98
FRA-efz.ms-acdc.office.com
 52.97.152.210
Click to see the 2 hidden entries
www.outlook.com
 0.0.0.0
outlook.office365.com
 0.0.0.0

URLs

Name Detection
https://outlook.office365.com/grower/GwIQZ7VTU_2B0dEDGXi3usO/98Jy_2Fhjs/9ADdwnOA_2BxxHdxk/bJ6tUkE3rK

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{BD6AF35A-DF4A-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BD6AF35C-DF4A-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BD6AF35E-DF4A-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
Click to see the 4 hidden entries
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\~DF3A99C7AD2702480D.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF48F8DB99852E5824.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DFBADD8EC8FEBD51BA.TMP
 data
 #