qjrOWCCE58.exe

Status: finished
Submission Time: 2022-05-05 05:39:04 +02:00
Malicious
Trojan
Evader
Nymaim

Tags

  • 32
  • exe
  • trojan

Details

  • Analysis ID:
    620693
  • API (Web) ID:
    988197
  • Analysis Started:
    2022-05-05 05:39:04 +02:00
  • Analysis Finished:
    2022-05-05 05:46:38 +02:00
  • MD5:
    732132623989caae367e0878298b7e9b
  • SHA1:
    e493be600aa8ecf7384ac3f23454daf6fdd1821d
  • SHA256:
    32f431ba791fcd1f53e53b26447c9dbf59983549f567bac43ea9578b98de4ca8
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 60
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 23/68
malicious
Score: 21/42

Dropped files

Name File Type Hashes Detection
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_qjrOWCCE58.exe_455362eeffb32f0bf40f06cd73c56872c5d9440_dba93c7d_10d822ca\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_qjrOWCCE58.exe_455362eeffb32f0bf40f06cd73c56872c5d9440_dba93c7d_1167fbca\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_qjrOWCCE58.exe_455362eeffb32f0bf40f06cd73c56872c5d9440_dba93c7d_12a3eeab\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_qjrOWCCE58.exe_455362eeffb32f0bf40f06cd73c56872c5d9440_dba93c7d_12a4344f\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_qjrOWCCE58.exe_455362eeffb32f0bf40f06cd73c56872c5d9440_dba93c7d_181043fe\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_qjrOWCCE58.exe_455362eeffb32f0bf40f06cd73c56872c5d9440_dba93c7d_19545302\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_qjrOWCCE58.exe_455362eeffb32f0bf40f06cd73c56872c5d9440_dba93c7d_0c0c0928\Report.wer
Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5015.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFAD2.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER51AC.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER63B.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER774.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE842.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 5 12:40:12 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREC5A.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WERED84.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF726.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 5 12:40:16 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF9A8.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4C2C.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 5 12:40:38 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4306.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER41DC.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3EED.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 5 12:40:34 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WER38A.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 5 12:40:19 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WER329B.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER30D5.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2CBD.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 5 12:40:29 2022, 0x1205a4 type
C:\ProgramData\Microsoft\Windows\WER\Temp\WER21C3.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER20D7.tmp.WERInternalMetadata.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1DD9.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 5 12:40:26 2022, 0x1205a4 type