
mental.dll

Status: finished
Submission Time: 2021-07-28 13:45:12 +02:00
Malicious
Trojan
Ursnif

Details

  • Analysis ID:
    455445
  • API (Web) ID:
    823036
  • Analysis Started:
    2021-07-28 13:45:13 +02:00
  • Analysis Finished:
    2021-07-28 13:54:38 +02:00
  • MD5:
    244fcb71c16ab8163f25c633dcb91b1c
  • SHA1:
    cf0256c44be6b311558358bb00f9ec257ec90236
  • SHA256:
    48589e8612584c5b67c325367e53b63379dbf984a0a0dc905bd29fd3f7fd6c03
Detection

  • Engine:
    Joe Sandbox
  • Detection:
    malicious (Score: 88)
  • System:
    Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 7/88
malicious

IPs

IP              Country             Detection
185.228.233.17  Russian Federation

Domains

Name               IP              Detection
gtr.antoinfer.com  185.228.233.17

URLs

URL (no detection recorded for either entry)
http://gtr.antoinfer.com/mtJPbIZJhao/lLJRN3LZO2EvFc/VCw3UNiKyARh06G8CFACi/rvcu9DoT_2BWr3it/vuHuzB9pSHcZY8A/p5jj60CzJBYl9Lfa6y/ccpCtNQRI/kv6KUXrsc9szPvU9BS5d/INRHtQMx8ovuxsrRsSO/mBIUAu_2FXqDwSewtqhiF3/0y8M31aLbHe6S/83PL1bM6/ldvb9gwpgUV8X_2B2Qv6zJW/BQrwXyajxR/YXD2Kky6T0oSJ5G0A/e_2F9JsAj5ok/7mc5pqASMOR/DpTFFPntUkci7e/xU2mysx12dViVQ0ZXlm39/NDqJB6CJvjFI/z
http://gtr.antoinfer.com/02_2FRTV/EHY6_2ByVkK9zQWc7nVUHSO/fCtXqnqrPU/KM_2F1pf6mYZC4Gy7/bCWjowHLoe6i/IkZQTMTSLWC/A3a2f6f53ufRn9/E42sf0Trx1PwCM3URc2Wx/3meR8N06RbC7B5vz/fh1949JUpwcTC55/kxUMJM7FV5_2BW6yUI/Qi_2BBp7I/IolDvBZlj8BdCBHYqi7w/k9qRhAJwmrlYaX4Nld1/vuyMEecPRgPCKMIqpUl9z0/QU_2BZUyIrn6K/_2FFz5g9/uSWx1VCCRu0cJ4rt581fcIt/_2BF5K79Db/sITOyBjswJkOChsry/YZZI09hn/M

Dropped files

Name, followed by file type as identified by the sandbox:

  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9D47ABEC-EF99-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9D47ABEE-EF99-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A6C9EAC6-EF99-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\610143e0e072b[1].bin
    ASCII text, with very long lines, with no line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\610143ef37a40[1].bin
    ASCII text, with very long lines, with no line terminators
  • C:\Users\user\AppData\Local\Temp\~DF6E67667E2D178577.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DF8C183346DBFD51CA.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DFC2C22C1E682D9D5C.TMP
    data