Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

sample2.xls.xls

Status: finished
Submission Time: 2021-11-25 18:37:20 +01:00
Malicious
Trojan
Exploiter
Hidden Macro 4.0

Comments

Tags

  • vir
  • xlsx

Details

  • Analysis ID:
    528761
  • API (Web) ID:
    896284
  • Analysis Started:
    2021-11-25 18:41:48 +01:00
  • Analysis Finished:
    2021-11-25 18:56:25 +01:00
  • MD5:
    75c10281f9cae799f72d6b949199fd91
  • SHA1:
    7bd8c6de6d714ff5e0b8f450203d24c8dd30495d
  • SHA256:
    53a57594efe3312565fd5415ad3d7066799f831bb6854737ffaf87fe0119af01
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 88
System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
Full Report Management Report IOC Report
malicious
Score: 88
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Potential for more IOCs and behavior

Third Party Analysis Engines

Open Full Report
malicious
Score: 22/59

IPs

IP Country Detection
51.15.56.22
 France

Domains

Name IP Detection
gupta-foods.xyz
 51.15.56.22
gupta-airways.icu
 51.15.56.22
gupta-technologies.sbs
 51.15.56.22

URLs

Name Detection
http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check
http://www.windows.com/pctv.
http://investor.msn.com
Click to see the 8 hidden entries
http://www.msnbc.com/news/ticker.txt
http://www.%s.comPA
http://www.icra.org/vocabulary/.
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
http://windowsmedia.com/redir/services.asp?WMPFriendly=true
http://www.hotmail.com/oe
http://servername/isapibackend.dll
http://investor.msn.com/

Dropped files

Name File Type Hashes Detection
C:\Users\user\Desktop\sample2.xls.xls
 Composite Document File V2 Document, Little Endian, Os: MacOS, Version 6.11, Code page: -535, Last Saved By: Microsoft Office User, Name of Creating Application: Microsoft Macintosh Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Da (…)
 #
C:\Users\user\AppData\Local\Temp\7D1C.tmp
 Composite Document File V2 Document, Cannot read section info
 #
C:\Users\user\AppData\Local\Temp\~DF30EC3661E732423E.TMP
 data
 #
Click to see the 1 hidden entries
C:\Users\user\AppData\Local\Temp\~DF6FA4235239FD3AE0.TMP
 data
 #