
1c8.dll

Status: finished
Submission Time: 2021-07-14 15:45:17 +02:00
Malicious
Trojan
Ursnif

Tags

  • dll
  • gozi

Details

  • Analysis ID:
    448651
  • API (Web) ID:
    816240
  • Analysis Started:
    2021-07-14 15:45:17 +02:00
  • Analysis Finished:
    2021-07-14 15:55:14 +02:00
  • MD5:
    1c87b3ebc5ddf8f53e585b3cf8f74f47
  • SHA1:
    4579705a3e0e8b644fcf30d4c79456b0e4f669b8
  • SHA256:
    f2dfc3562e150ca045557559269c3c21531bb85292864109fd2ceca4fe0f1ea9
  • Technologies:

Joe Sandbox

  • Detection:
    malicious
  • Score:
    80
  • System:
    Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

  • malicious (Score: 9/35)
  • malicious (Score: 17/28)

IPs (IP, Country)

  • 40.97.128.194 (United States)
  • 52.97.232.194 (United States)
  • 52.97.232.210 (United States)
  • 52.97.201.226 (United States)

Domains (Name, resolved IP)

  • outlook.com: 40.97.128.194
  • ZRH-efz.ms-acdc.office.com: 52.97.232.194
  • www.outlook.com: 0.0.0.0
  • outlook.office365.com: 0.0.0.0

URLs

  • https://outlook.office365.com/grower/IGPiFOK9TunC/gPtC5_2F4YG/ZzNVH5SYgNPO4r/Psx6BaSL6yLcaujEgpw7P/t
  • https://outlook.office365.com/grower/iSa3U_2FCrZy/TdWTQggM2F_/2F4Qd7iLvOzuNw/Q11HFiIe_2BP9wOCf9bSc/9
  • http://outlook.com/grower/IGPiFOK9TunC/gPtC5_2F4YG/ZzNVH5SYgNPO4r/Psx6BaSL6yLcaujEgpw7P/tYMT5RnKSeCB9jBg/3iH6euhlA_2FGYG/rhrfnjjJUD3Y1TDXr8/g3m2c4nF8/bM6OTpEkWKHOq9wInEON/2HRIvyEq85fMK7VnDSk/ESY1C1z2RWNeT9llxDcxvu/GKJMCp_2FJD6L/hm1dCsQj.grow

Dropped files (Name, File Type)

  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0A0F511A-E4AA-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0A0F511C-E4AA-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0A0F511E-E4AA-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
    ASCII text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Temp\~DF34CE60BF8360E948.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DF4099CF7A12250C28.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DF547E5E23E7DFF857.TMP
    data