ID: Cookbook: browseurl.jbs Time: 15:47:47 Date: 11/05/2018 Version:


Table of Contents

Analysis Report
  Overview
    General Information
    Detection
    Confidence
    Classification
  Signature Overview
    Software Vulnerabilities:
    Networking:
    Persistence and Installation Behavior:
    System Summary:
    HIPS / PFW / Operating System Protection Evasion:
    Anti Debugging:
    Malware Analysis System Evasion:
    Hooking and other Techniques for Hiding and Protection:
    Language, Device and Operating System Detection:
  Behavior Graph
  Simulations
    Behavior and APIs
  Antivirus Detection
    Initial Sample
    Dropped Files
    Unpacked PE Files
    Domains
  Yara Overview
    Initial Sample
    PCAP (Network Traffic)
    Dropped Files
    Memory Dumps
    Unpacked PEs
  Joe Sandbox View / Context
    IPs
    Domains
    ASN
    Dropped Files
  Screenshots
  Startup
  Created / dropped Files
  Contacted Domains/Contacted IPs
    Contacted Domains
    Contacted IPs
  Static File Info
    No static file info
  Network Behavior
    Network Port Distribution
    TCP Packets
    UDP Packets
    DNS Queries
    DNS Answers
    HTTP Request Dependency Graph
    HTTP Packets
  Code Manipulations
  Statistics
    Behavior
  System Behavior
    Analysis iexplore.exe PID: 3416 Parent PID: 548
      General
      File Activities
      Registry Activities
    Analysis iexplore.exe PID: 3476 Parent PID: 3416
      General
      File Activities
      Registry Activities
    Analysis ssvagent.exe PID: 3584 Parent PID: 3476
      General
      Registry Activities
    Analysis wscript.exe PID: 4016 Parent PID: 3416
      General
      File Activities
  Disassembly
    Code Analysis

Copyright Joe Security LLC 2018

Analysis Report

Overview

General Information

Joe Sandbox Version:
Analysis ID:
Start time: 15:47:47
Joe Sandbox Product: CloudBasic
Start date:
Overall analysis duration: 0h 4m 37s
Hypervisor based Inspection enabled:
Report type: light
Cookbook file name: browseurl.jbs
Sample URL: javascript/load.js
Analysis system description: Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Flash 26, Java )
Number of analysed new started processes analysed: 6
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies: HCA enabled, EGA enabled, HDC enabled
Analysis stop reason: Timeout
Detection: SUS
Classification: sus22.expl.win@7/29@1/1
HCA Information: Successful, ratio: 100%
  Number of executed functions: 0
  Number of non-executed functions: 0
EGA Information: Failed
HDC Information: Failed
Cookbook Comments:
  Adjust boot time
  Correcting counters for adjusted boot time
  URL browsing timeout
Warnings:
  Exclude process from analysis (whitelisted): WmiPrvSE.exe, dllhost.exe
  Report size getting too big, too many NtDeviceIoControlFile calls found.
  Report size getting too big, too many NtEnumerateKey calls found.
  Report size getting too big, too many NtEnumerateValueKey calls found.
  Report size getting too big, too many NtOpenKeyEx calls found.
  Report size getting too big, too many NtProtectVirtualMemory calls found.
  Report size getting too big, too many NtQueryValueKey calls found.
  Report size getting too big, too many NtQueryVolumeInformationFile calls found.

Detection

[Table: columns Strategy, Score, Range, Reporting, Detection; row Threshold, Report FP / FN; score and range values not preserved]

Confidence

[Table: columns Strategy, Score, Range, Further Analysis Required?, Confidence; row Threshold; values not preserved]

Classification

[Figure: classification chart with categories Ransomware, Miner, Spreading, Evader, Phishing, Exploiter, Banker, Spyware, Trojan / Bot, Adware; scale clean, suspicious, malicious]

Signature Overview

Software Vulnerabilities:
  Browser exploit detected (process start blacklist hit)

Networking:
  Social media urls found in memory data
  Downloads files
  Downloads files from webservers via HTTP
  Found strings which match to known social media urls
  Performs DNS lookups
  Urls found in memory or binary data

Persistence and Installation Behavior:
  May use bcdedit to modify the Windows boot settings

System Summary:
  Searches the installation path of Mozilla Firefox
  Classification label
  Creates files inside the user directory
  Creates temporary files
  Reads ini files
  Reads software policies
  Spawns processes
  Uses an in-process (OLE) Automation server
  Found GUI installer (many successful clicks)
  Found graphical window changes (likely an installer)
  Uses new MSVCR Dlls

HIPS / PFW / Operating System Protection Evasion:
  May try to detect the Windows Explorer process (often used for injection)

Anti Debugging:
  Checks for kernel debuggers (NtQuerySystemInformation(SystemKernelDebuggerInformation))

Malware Analysis System Evasion:
  Found WSH timer for Javascript or VBS script (likely evasive script)

Hooking and other Techniques for Hiding and Protection:
  Disables application error messsages (SetErrorMode)

Language, Device and Operating System Detection:
  Queries the cryptographic machine GUID

Behavior Graph

[Figure: behavior graph. Startdate: 11/05/2018, Architecture: WINDOWS, Score: 22. Process nodes: iexplore.exe, iexplore.exe, wscript.exe, ssvagent.exe. Signature: Browser exploit detected (process start blacklist hit). Network node: 49167, 49168, 80, webafricaza, South Africa.]

Simulations

Behavior and APIs

Time      Type             Description
15:48:45  API Interceptor  1657x Sleep call for process: iexplore.exe modified
15:48:47  API Interceptor  1x Sleep call for process: ssvagent.exe modified
15:49:06  API Interceptor  2x Sleep call for process: wscript.exe modified

Antivirus Detection

Initial Sample
  Detection: 0%, Scanner: virustotal, Link: Browse

Dropped Files
  No Antivirus matches

Unpacked PE Files
  No Antivirus matches

Domains
  Detection: 0%, Scanner: virustotal, Link: Browse

Yara Overview

Initial Sample
  No yara matches

PCAP (Network Traffic)
  No yara matches

Dropped Files
  No yara matches

Memory Dumps
  No yara matches

Unpacked PEs
  No yara matches

Joe Sandbox View / Context

IPs
  No context

Domains
  No context

ASN
  No context

Dropped Files
  No context

Startup

System is w7
iexplore.exe (PID: 3416 cmdline: '' -Embedding CA1F703CD665867E8132D2946FB55750)
  iexplore.exe (PID: 3476 cmdline: '' SCODEF:3416 CREDAT: /prefetch:2 CA1F703CD665867E8132D2946FB55750)
    ssvagent.exe (PID: 3584 cmdline: 'C:\PROGRA~1\Java\JRE18~1.0_1\bin\ssvagent.exe' -new 0953A FD1E655B75B63B9083B7)
  wscript.exe (PID: 4016 cmdline: 'C:\Windows\System32\WScript.exe' 'C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77PTX9DT\load.js' 979D74799EA6C8B A68DF5204A)
cleanup

Created / dropped Files

C:\Users\HERBBL~1\AppData\Local\Temp\JavaDeployReg.log
  ASCII text, with CRLF line terminators; Size (bytes): 89

C:\Users\HERBBL~1\AppData\Local\Temp\~DF0A0C81AABF007B0B.TMP
  FoxPro FPT, blocks size 258, next free block index

C:\Users\HERBBL~1\AppData\Local\Temp\~DF16B83427B7BA99A6.TMP
  FoxPro FPT, blocks size 258, next free block index

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
  Microsoft Cabinet archive data, 6509 bytes, 1 file; Size (bytes): 6509

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF B E0 4
  data; Size (bytes): 471

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD AD517DA
  data; Size (bytes): 471

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
  data; Size (bytes): 4405

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
  data; Size (bytes): 342

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF B E04
  data; Size (bytes): 434

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD AD517DA
  data; Size (bytes): 876

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
  data; Size (bytes): 226

C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D f-A0FF-E1416B8B2E3A}.ico
  PNG image data, 16 x 16, 4-bit colormap, non-interlaced; Size (bytes): 237

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\en-US.1
  data

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\IECompatData\iecompatdata.xml
  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{05755D E8-B7AC-B2C276BF9C88}.dat
  Microsoft Word Document

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{05755D E8-B7AC-B2C276BF9C88}.dat
  Microsoft Word Document

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver9AD6.tmp
  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\VersionManager\verA778.tmp
  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0316J1PS\urlblockindex[1].bin
  data; Size (bytes): 16

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TZNT9WD\iecompatviewlist[1].xml
  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TZNT9WD\load[1].js
  UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TZNT9WD\suggestions[1].en-US
  data

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77PTX9DT\favicon[1].ico
  PNG image data, 16 x 16, 4-bit colormap, non-interlaced; Size (bytes): 237

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77PTX9DT\load.js.4r0gkfz.partial
  UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77PTX9DT\load.js.4r0gkfz.partial:Zone.Identifier
  ASCII text, with CRLF line terminators; Size (bytes): 26

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77PTX9DT\load.js:Zone.Identifier
  very short file (no magic); Size (bytes): 1; Entropy (8bit): 0.0

\samr
  Hitachi SH big-endian COFF object, not stripped; Size (bytes): 116

Contacted Domains/Contacted IPs

Contacted Domains

Columns: Name, IP, Active, Malicious, Antivirus Detection, Reputation
Row (as transcribed): true; 0%, virustotal, Browse; high

Contacted IPs

[Figure: map of contacted IPs; legend: No. of IPs < 25%, 25% < No. of IPs < 50%, 50% < No. of IPs < 75%, 75% < No. of IPs]

Columns: IP, Country, Flag, ASN, ASN Name, Malicious
Row (as transcribed): South Africa; webafricaza

Static File Info

No static file info

Network Behavior

Network Port Distribution

Total Packets: (HTTP) 53 (DNS)

TCP Packets

Columns: Timestamp, Port, Dest Port, IP, Dest IP

UDP Packets

Columns: Timestamp, Port, Dest Port, IP, Dest IP

DNS Queries

Columns: Timestamp, IP, Dest IP, Trans ID, OP Code, Name, Type, Class
Row (as transcribed): May 11, :48: CEST; x63b9; Standard query (0); A (IP address); IN (0x0001)

DNS Answers

Columns: Timestamp, IP, Dest IP, Trans ID, Replay Code, Name, CName, Address, Type, Class
Row (as transcribed): May 11, 15:48: CEST; x63b9; No error (0); A (IP address); IN (0x0001)

HTTP Request Dependency Graph

HTTP Packets

Columns: Session ID, IP, Port, Destination IP, Destination Port, Process

Columns: Timestamp, kbytes transferred, Direction, Data

May 11, :48: CEST    38    OUT
  GET /virtualtour/mahogany/javascript/load.js HTTP/1.1
  Accept: text/html, application/xhtml+xml, */*
  Accept-Language: en-us
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
  Accept-Encoding: gzip, deflate
  Host:
  DNT: 1
  Connection: Keep-Alive

May 11, :48: CEST    39    IN
  HTTP/ OK
  Date: Fri, 11 May :48:29 GMT
  Server: Apache
  Last-Modified: Tue, 22 Nov :04:57 GMT
  Accept-Ranges: bytes
  Content-Length:
  Keep-Alive: timeout=5, max=100
  Connection: Keep-Alive
  Content-Type: application/javascript

Code Manipulations

Statistics

Behavior

[Figure: behavior statistics chart for iexplore.exe, iexplore.exe, ssvagent.exe]


More information

ID: Cookbook: browseurl.jbs Time: 15:46:38 Date: 29/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 15:46:38 Date: 29/03/2018 Version: ID: 52374 Cookbook: browseurl.jbs Time: 15:46:3 Date: 29/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 17:39:02 Date: 22/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 17:39:02 Date: 22/03/2018 Version: ID: 5139 Cookbook: browseurl.jbs Time: 17:39:02 Date: 22/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 18:05:31 Date: 26/12/2017 Version:

ID: Cookbook: browseurl.jbs Time: 18:05:31 Date: 26/12/2017 Version: ID: 41000 Cookbook: browseurl.jbs Time: 1:05:31 Date: 26/12/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 20:56:26 Date: 03/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:56:26 Date: 03/07/2018 Version: ID: 66665 Cookbook: browseurl.jbs Time: 20:56:26 Date: 03/07/2018 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 14:46:55 Date: 31/08/2018 Version:

ID: Cookbook: browseurl.jbs Time: 14:46:55 Date: 31/08/2018 Version: ID: 74919 Cookbook: browseurl.jbs Time: 14:46:55 Date: 31/08/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report http://tiny.cc/34aqxy Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 22:12:09 Date: 17/11/2017 Version:

ID: Cookbook: browseurl.jbs Time: 22:12:09 Date: 17/11/2017 Version: ID: 37366 Cookbook: browseurl.jbs Time: 22:12:09 Date: 17/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 15:48:15 Date: 29/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 15:48:15 Date: 29/03/2018 Version: ID: 52376 Cookbook: browseurl.jbs Time: 15:4:15 Date: 29/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version:

ID: Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version: ID: 59176 Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 20:04:11 Date: 14/06/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:04:11 Date: 14/06/2018 Version: ID: 64085 Cookbook: browseurl.jbs Time: 20:04:11 Date: 14/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: urldownload.jbs Time: 19:58:34 Date: 02/05/2018 Version:

ID: Cookbook: urldownload.jbs Time: 19:58:34 Date: 02/05/2018 Version: ID: 57706 Cookbook: urldownload.jbs Time: 19:5:34 Date: 02/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: browseurl.jbs Time: 13:47:53 Date: 16/02/2018 Version:

ID: Cookbook: browseurl.jbs Time: 13:47:53 Date: 16/02/2018 Version: ID: 46703 Cookbook: browseurl.jbs Time: 13:47:53 Date: 16/02/2018 Version: 21.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 18:10:52 Date: 18/05/2018 Version:

ID: Cookbook: browseurl.jbs Time: 18:10:52 Date: 18/05/2018 Version: ID: 60306 Cookbook: browseurl.jbs Time: 18:10:52 Date: 18/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: urldownload.jbs Time: 20:31:22 Date: 09/08/2018 Version:

ID: Cookbook: urldownload.jbs Time: 20:31:22 Date: 09/08/2018 Version: ID: 153 Cookbook: urldownload.jbs Time: 20:31:22 Date: 09/0/201 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 20:07:02 Date: 11/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:07:02 Date: 11/07/2018 Version: ID: 67658 Cookbook: browseurl.jbs Time: 20:07:02 Date: 11/07/2018 Version: 23.0.0 Table of Contents Analysis Report Overview Information Detection Confidence Classification Analysis Advice Signature Overview

More information

ID: Cookbook: urldownload.jbs Time: 18:48:38 Date: 19/06/2018 Version:

ID: Cookbook: urldownload.jbs Time: 18:48:38 Date: 19/06/2018 Version: ID: 64646 Cookbook: urldownload.jbs Time: 1:4:3 Date: 19/06/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Cookbook: browseurl.jbs Time: 14:05:23 Date: 30/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 14:05:23 Date: 30/07/2018 Version: ID: 70096 Cookbook: browseurl.jbs Time: 14:05:23 Date: 30/07/2018 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 18:45:10 Date: 08/10/2018 Version: Fire Opal

ID: Cookbook: browseurl.jbs Time: 18:45:10 Date: 08/10/2018 Version: Fire Opal ID: 82913 Cookbook: browseurl.jbs Time: 18:45:10 Date: 08/10/2018 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report http://www.learningtoolkit.club Overview General Information

More information

ID: Cookbook: browseurl.jbs Time: 00:12:30 Date: 24/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 00:12:30 Date: 24/03/2018 Version: ID: 51630 Cookbook: browseurl.jbs Time: 00:12:30 Date: 24/03/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: urldownload.jbs Time: 20:09:25 Date: 13/06/2018 Version:

ID: Cookbook: urldownload.jbs Time: 20:09:25 Date: 13/06/2018 Version: ID: 3923 Cookbook: urldownload.jbs Time: 20:09:25 Date: 13/0/201 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 00:46:14 Date: 03/07/2018 Version:

ID: Cookbook: browseurl.jbs Time: 00:46:14 Date: 03/07/2018 Version: ID: 66523 Cookbook: browseurl.jbs Time: 00:46:14 Date: 03/07/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Cookbook: urldownload.jbs Time: 22:46:20 Date: 19/02/2018 Version:

ID: Cookbook: urldownload.jbs Time: 22:46:20 Date: 19/02/2018 Version: ID: 4706 Cookbook: urldownload.jbs Time: 22:46:20 Date: 1/02/201 Version: 21.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Cookbook: browseurl.jbs Time: 14:54:22 Date: 05/09/2018 Version:

ID: Cookbook: browseurl.jbs Time: 14:54:22 Date: 05/09/2018 Version: ID: 75522 Cookbook: browseurl.jbs Time: 14:54:22 Date: 05/09/2018 Version: 23.0.0 Table of Contents Table of Contents 2 Analysis Report http://www.springdwnld2.com/download/? d=0&h=1&pnid=4&domain=hmapsanddrivingdirection.com&implementation_id=maps_spt_&source=g-ccc7-lp0-

More information

ID: Cookbook: urldownload.jbs Time: 08:25:02 Date: 29/10/2018 Version: Fire Opal

ID: Cookbook: urldownload.jbs Time: 08:25:02 Date: 29/10/2018 Version: Fire Opal ID: Cookbook: urldownload.jbs Time: 0:25:02 Date: 29//201 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report http://15.1..14/neko.sh Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 15:26:33 Date: 16/03/2018 Version:

ID: Cookbook: browseurl.jbs Time: 15:26:33 Date: 16/03/2018 Version: ID: 50608 Cookbook: browseurl.jbs Time: 15:26:33 Date: 16/03/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: browseurl.jbs Time: 20:07:43 Date: 27/09/2018 Version:

ID: Cookbook: browseurl.jbs Time: 20:07:43 Date: 27/09/2018 Version: ID: 80599 Cookbook: browseurl.jbs Time: 20:07:43 Date: 27/09/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report http://www.qbproadvisorshelp.com Overview General Information Detection

More information

ID: Sample Name: maintools.js Cookbook: default.jbs Time: 15:43:35 Date: 17/02/2018 Version:

ID: Sample Name: maintools.js Cookbook: default.jbs Time: 15:43:35 Date: 17/02/2018 Version: ID: 48 Sample Name: maintools.js Cookbook: default.jbs Time: 1:43:3 Date: 1/02/2018 Version: 21.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/2018 Version:

ID: Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/2018 Version: ID: 42417 Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Cookbook: urldownload.jbs Time: 21:28:55 Date: 28/06/2018 Version:

ID: Cookbook: urldownload.jbs Time: 21:28:55 Date: 28/06/2018 Version: ID: 6600 Cookbook: urldownload.jbs Time: 21:2:55 Date: 2/06/201 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature Overview Networking:

More information

ID: Sample Name: MobaXterm_installer.dat Cookbook: default.jbs Time: 18:29:43 Date: 25/05/2018 Version:

ID: Sample Name: MobaXterm_installer.dat Cookbook: default.jbs Time: 18:29:43 Date: 25/05/2018 Version: ID: 1259 Sample Name: MobaXterm_installer.dat Cookbook: default.jbs Time: 1:29:43 Date: 25/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

ID: Cookbook: urldownload.jbs Time: 02:55:04 Date: 01/02/2018 Version:

ID: Cookbook: urldownload.jbs Time: 02:55:04 Date: 01/02/2018 Version: ID: 4441 Cookbook: urldownload.jbs Time: 02:55:04 Date: 01/02/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Sample Name: 21PO jpg...js Cookbook: default.jbs Time: 14:32:06 Date: 21/11/2017 Version:

ID: Sample Name: 21PO jpg...js Cookbook: default.jbs Time: 14:32:06 Date: 21/11/2017 Version: ID: 371 Sample Name: 21PO201745.jpg...js Cookbook: default.jbs Time: 14:32:0 Date: 21/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Cookbook: urldownload.jbs Time: 11:39:45 Date: 07/04/2018 Version:

ID: Cookbook: urldownload.jbs Time: 11:39:45 Date: 07/04/2018 Version: ID: 53619 Cookbook: urldownload.jbs Time: 11:39:45 Date: 07/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: urldownload.jbs Time: 16:41:45 Date: 23/06/2018 Version:

ID: Cookbook: urldownload.jbs Time: 16:41:45 Date: 23/06/2018 Version: ID: 52 Cookbook: urldownload.jbs Time: 1:41:45 Date: 23/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Cookbook: urldownload.jbs Time: 19:53:36 Date: 07/03/2018 Version:

ID: Cookbook: urldownload.jbs Time: 19:53:36 Date: 07/03/2018 Version: ID: 49 Cookbook: urldownload.jbs Time: 19:: Date: 0/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice

More information

ID: Sample Name: image002 Cookbook: default.jbs Time: 18:19:28 Date: 18/05/2018 Version:

ID: Sample Name: image002 Cookbook: default.jbs Time: 18:19:28 Date: 18/05/2018 Version: ID: 0309 Sample Name: image002 Cookbook: default.jbs Time: 1:19:2 Date: 1/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Cookbook: browseurl.jbs Time: 23:36:16 Date: 10/04/2018 Version:

ID: Cookbook: browseurl.jbs Time: 23:36:16 Date: 10/04/2018 Version: ID: 54075 Cookbook: browseurl.jbs Time: 23:36:16 Date: 10/04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Sample Name: fly.jse Cookbook: default.jbs Time: 18:17:26 Date: 11/11/2017 Version:

ID: Sample Name: fly.jse Cookbook: default.jbs Time: 18:17:26 Date: 11/11/2017 Version: ID: 371 Sample Name: fly.jse Cookbook: default.jbs Time: 1:17:2 Date: 11/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection Confidence Classification

More information

ID: Sample Name: js.jar Cookbook: defaultwindowsfilecookbook.jbs Time: 10:01:15 Date: 26/09/2018 Version:

ID: Sample Name: js.jar Cookbook: defaultwindowsfilecookbook.jbs Time: 10:01:15 Date: 26/09/2018 Version: ID: 80115 Sample Name: js.jar Cookbook: defaultwindowsfilecookbook.jbs Time: 10:01:15 Date: 26/09/2018 Version: 23.0.0 Table of Contents Table of Contents Analysis Report js.jar Overview General Information

More information

ID: Sample Name: test.txt Cookbook: default.jbs Time: 13:18:36 Date: 31/03/2018 Version:

ID: Sample Name: test.txt Cookbook: default.jbs Time: 13:18:36 Date: 31/03/2018 Version: ID: 5250 Sample Name: test.txt Cookbook: default.jbs Time: 13:18:3 Date: 31/03/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 19:21:50 Date: 15/10/2017 Version:

ID: Cookbook: browseurl.jbs Time: 19:21:50 Date: 15/10/2017 Version: ID: 34266 Cookbook: browseurl.jbs Time: 19:21:50 Date: 15/10/2017 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Cookbook: urldownload.jbs Time: 22:26:00 Date: 30/12/2017 Version:

ID: Cookbook: urldownload.jbs Time: 22:26:00 Date: 30/12/2017 Version: ID: 41304 Cookbook: urldownload.jbs Time: 22:26:00 Date: 30/12/2017 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature Overview

More information

ID: Sample Name: ff2c8cadaa0fd8da6138cce6fce37e001f53a5d9ceccd67945b15ae273f4d751.evaljs.js Cookbook: default.jbs Time: 16:44:00 Date:

ID: Sample Name: ff2c8cadaa0fd8da6138cce6fce37e001f53a5d9ceccd67945b15ae273f4d751.evaljs.js Cookbook: default.jbs Time: 16:44:00 Date: ID: 33355 Sample Name: ff2c8cadaa0fd8da138ccefce3e001f53a5dceccd45b15ae23f4d51.evaljs.js Cookbook: default.jbs Time: 1:44:00 Date: 04//201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report

More information

ID: Sample Name: FsQHOWXph8.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 20:31:13 Date: 16/03/2018 Version:

ID: Sample Name: FsQHOWXph8.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 20:31:13 Date: 16/03/2018 Version: ID: 50648 Sample Name: FsQHOWXph8.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 20:31: Date: 16/03/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version:

ID: Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version: ID: 40269 Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: Dxd1yOZMU1.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 09:43:59 Date: 21/10/2017 Version:

ID: Sample Name: Dxd1yOZMU1.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 09:43:59 Date: 21/10/2017 Version: ID: 34788 Sample Name: Dxd1yOZMU1.bin Cookbook: defaultwindowsofficecookbook.jbs Time: 0:43:5 Date: 21/10/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information

More information

ID: Sample Name: testfiletestfile.txt Cookbook: default.jbs Time: 15:24:30 Date: 06/07/2018 Version:

ID: Sample Name: testfiletestfile.txt Cookbook: default.jbs Time: 15:24:30 Date: 06/07/2018 Version: ID: 6045 Sample Name: testfiletestfile.txt Cookbook: default.jbs Time: 15:24:30 Date: 06/0/201 Version: 23.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

ID: Cookbook: urldownload.jbs Time: 20:47:24 Date: 09/12/2017 Version:

ID: Cookbook: urldownload.jbs Time: 20:47:24 Date: 09/12/2017 Version: ID: 0 Cookbook: urldownload.jbs Time: 20:4:24 Date: 0/12/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

ID: Sample Name: quzpecasrh Cookbook: default.jbs Time: 16:55:54 Date: 07/10/2017 Version:

ID: Sample Name: quzpecasrh Cookbook: default.jbs Time: 16:55:54 Date: 07/10/2017 Version: ID: 3393 Sample Name: quzpecasrh Cookbook: default.jbs Time: 1:55:54 Date: 0//201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: test.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 18:57:54 Date: 12/04/2018 Version:

ID: Sample Name: test.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 18:57:54 Date: 12/04/2018 Version: ID: 54427 Sample Name: test.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 18:57:54 Date: /04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence Classification

More information

ID: Sample Name: Serial.txt Cookbook: default.jbs Time: 02:59:20 Date: 07/05/2018 Version:

ID: Sample Name: Serial.txt Cookbook: default.jbs Time: 02:59:20 Date: 07/05/2018 Version: ID: 58133 Sample Name: Serial.txt Cookbook: default.jbs Time: 02:5:20 Date: 0/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: 13/04/2018 Version: 22.0.

ID: Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: 13/04/2018 Version: 22.0. ID: 54478 Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: /04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: Payment_Remittance#.xps Cookbook: defaultwindowsofficecookbook.jbs Time: 01:35:46 Date: 20/09/2018 Version: 23.0.

ID: Sample Name: Payment_Remittance#.xps Cookbook: defaultwindowsofficecookbook.jbs Time: 01:35:46 Date: 20/09/2018 Version: 23.0. ID: 25 Sample Name: Payment_Remittance#.xps Cookbook: defaultwindowsofficecookbook.jbs Time: 01:35:4 Date: 20/09/201 Version: 23.0.0 Table of Contents Table of Contents Analysis Report Payment_Remittance#.xps

More information

ID: Sample Name: text_0.txt Cookbook: default.jbs Time: 16:20:15 Date: 12/01/2018 Version:

ID: Sample Name: text_0.txt Cookbook: default.jbs Time: 16:20:15 Date: 12/01/2018 Version: ID: 4253 Sample Name: text_0.txt Cookbook: default.jbs Time: 1:20:15 Date: 12/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: tesseract-ocrsetup exe. Cookbook: default.jbs Time: 16:44:15 Date: 12/02/2018 Version:

ID: Sample Name: tesseract-ocrsetup exe. Cookbook: default.jbs Time: 16:44:15 Date: 12/02/2018 Version: ID: 46161 Sample Name: tesseract-ocrsetup-3.05.01.exe Cookbook: default.jbs Time: 16:44:15 Date: 12/02/2018 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: MSM- 24_Supply_List RU_518.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 17:15:48 Date: 19/06/2018 Version: 22.0.

ID: Sample Name: MSM- 24_Supply_List RU_518.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 17:15:48 Date: 19/06/2018 Version: 22.0. ID: 64635 Sample Name: MSM- 24_Supply_List RU_518.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 17::48 Date: 1/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: E DA5e8a0c01b.txt Cookbook: default.jbs Time: 15:35:01 Date: 18/04/2018 Version:

ID: Sample Name: E DA5e8a0c01b.txt Cookbook: default.jbs Time: 15:35:01 Date: 18/04/2018 Version: ID: 55401 Sample Name: E203182DA5e8a0c01b.txt Cookbook: default.jbs Time: 15:35:01 Date: 18/04/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

ID: Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 14:36:29 Date: 04/05/2018 Version: 22.0.

ID: Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 14:36:29 Date: 04/05/2018 Version: 22.0. ID: 5762 Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: :36:2 Date: 04/05/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: Coss, Daniel.vcf Cookbook: default.jbs Time: 15:16:47 Date: 21/06/2018 Version:

ID: Sample Name: Coss, Daniel.vcf Cookbook: default.jbs Time: 15:16:47 Date: 21/06/2018 Version: ID: 6467 Sample Name: Coss, Daniel.vcf Cookbook: default.jbs Time: 15:16:47 Date: 21/06/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:54 Date: 07/06/2018 Version:

ID: Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:54 Date: 07/06/2018 Version: ID: 001 Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:4 Date: 0/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:34 Date: 26/07/2018 Version:

ID: Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:34 Date: 26/07/2018 Version: ID: 90 Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:4 Date: 2/0/201 Version: 2.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: Luxus.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 10:22:08 Date: 09/01/2018 Version:

ID: Sample Name: Luxus.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 10:22:08 Date: 09/01/2018 Version: ID: 42035 Sample Name: Luxus.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 10:22:08 Date: 09/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: MobaXterm_installer_10.5.msi Cookbook: defaultwindowsmsicookbook.jbs Time: 18:29:36 Date: 25/05/2018 Version: 22.0.

ID: Sample Name: MobaXterm_installer_10.5.msi Cookbook: defaultwindowsmsicookbook.jbs Time: 18:29:36 Date: 25/05/2018 Version: 22.0. ID: 61258 Sample Name: MobaXterm_installer_10.5.msi Cookbook: defaultwindowsmsicookbook.jbs Time: 18:29:36 Date: 25/05/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection

More information

ID: Sample Name: TO_HM_CROWN PR#U0130NCE MOHAMMED B#U0130N SALMAN - Dear Prime Minister.doc Cookbook: defaultwindowsofficecookbook.

ID: Sample Name: TO_HM_CROWN PR#U0130NCE MOHAMMED B#U0130N SALMAN - Dear Prime Minister.doc Cookbook: defaultwindowsofficecookbook. ID: 63341 Sample Name: TO_HM_CROWN PR#U0130NCE MOHAMMED B#U0130N SALMAN - Dear Prime Minister.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 08:43:14 Date: 10/06/2018 Version: 22.0.0 Table of Contents

More information

ID: Cookbook: browseurl.jbs Time: 09:46:57 Date: 19/10/2018 Version: Fire Opal

ID: Cookbook: browseurl.jbs Time: 09:46:57 Date: 19/10/2018 Version: Fire Opal ID: 85066 Cookbook: browseurl.jbs Time: 09:46:57 Date: 19/10/2018 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report http://lux-motors.com/nnngg/nngbbgh/fffee Overview General

More information

ID: Cookbook: urldownload.jbs Time: 16:10:39 Date: 07/12/2017 Version:

ID: Cookbook: urldownload.jbs Time: 16:10:39 Date: 07/12/2017 Version: ID: 94 Cookbook: urldownload.jbs Time: 1:10:9 Date: 0/12/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature

More information

ID: Sample Name: test Cookbook: default.jbs Time: 09:46:13 Date: 21/05/2018 Version:

ID: Sample Name: test Cookbook: default.jbs Time: 09:46:13 Date: 21/05/2018 Version: ID: 042 Sample Name: test Cookbook: default.jbs Time: 09:4:1 Date: 21/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

ID: Sample Name: MacKeeper.dmg Cookbook: default.jbs Time: 11:09:32 Date: 02/06/2018 Version:

ID: Sample Name: MacKeeper.dmg Cookbook: default.jbs Time: 11:09:32 Date: 02/06/2018 Version: ID: 22 Sample Name: MacKeeper.dmg Cookbook: default.jbs Time: 11:0:2 Date: 02/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 14:02:12 Date: 23/11/2018 Version: Fire Opal

ID: Cookbook: browseurl.jbs Time: 14:02:12 Date: 23/11/2018 Version: Fire Opal ID: 92832 Cookbook: browseurl.jbs Time: 14:02:12 Date: 23/11/2018 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report http://www.winsupport.ml Overview Information Detection Confidence

More information

ID: Sample Name: Swift details.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 17:14:48 Date: 21/06/2018 Version: 22.0.

ID: Sample Name: Swift details.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 17:14:48 Date: 21/06/2018 Version: 22.0. ID: 64992 Sample Name: Swift details.xls Cookbook: defaultwindowsofficecookbook.jbs Time: 17::48 Date: 21/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Sample Name: NEW ORDER LIST.jar Cookbook: default.jbs Time: 10:19:47 Date: 19/02/2018 Version:

ID: Sample Name: NEW ORDER LIST.jar Cookbook: default.jbs Time: 10:19:47 Date: 19/02/2018 Version: ID: 47020 Sample Name: NEW ORDER LIST.jar Cookbook: default.jbs Time: :19:47 Date: 19/02/201 Version: 21.0.0 Table of Contents Table of Contents Analysis Report Overview Information Detection Confidence

More information

ID: Cookbook: browseurl.jbs Time: 15:35:36 Date: 03/11/2017 Version:

ID: Cookbook: browseurl.jbs Time: 15:35:36 Date: 03/11/2017 Version: ID: 35980 Cookbook: browseurl.jbs Time: 15:35:36 Date: 03/11/2017 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature

More information

ID: Sample Name: DOCS.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 16:07:38 Date: 06/02/2018 Version:

ID: Sample Name: DOCS.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 16:07:38 Date: 06/02/2018 Version: ID: 45263 Sample Name: DOCS.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 16:07:38 Date: 06/02/2018 Version: 20.0.0 Table of Contents Analysis Report Overview Information Detection Confidence Classification

More information

ID: Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:55:50 Date:

ID: Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:55:50 Date: ID: 244 Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:55:50 Date: 05/10/201 Version: 24.0.0 Fire Opal Table of Contents

More information

ID: Sample Name: dialog.nvp Cookbook: default.jbs Time: 00:09:12 Date: 10/05/2018 Version:


ID: Sample Name: Liste_az.docx Cookbook: defaultwindowsofficecookbook.jbs Time: 00:17:54 Date: 30/12/2017 Version:


ID: Sample Name: Commercial Card Services CTO Quality Control Checklist v9.docm Cookbook: defaultwindowsofficecookbook.jbs Time: 15:52:31 Date:


ID: Cookbook: browseurl.jbs Time: 23:19:26 Date: 20/08/2018 Version:


ID: Sample Name: 5GeZNwROcB.bin Cookbook: default.jbs Time: 15:22:54 Date: 30/11/2017 Version:


ID: Sample Name: 11#Ucb#Uae#Uc4#Ube#Ue5#Ubb#UaafNOnOJTVYQ.exe Cookbook: default.jbs Time: 09:47:21 Date: 02/02/2018 Version: 20.0.


ID: Sample Name: faktury_pdf.rar Cookbook: default.jbs Time: 12:24:33 Date: 15/12/2017 Version:


ID: Sample Name: modulecheck.js Cookbook: default.jbs Time: 17:46:31 Date: 01/02/2018 Version:


ID: Sample Name: vlaue.exe Cookbook: default.jbs Time: 18:54:49 Date: 26/01/2018 Version:


ID: Sample Name: Unconfirmed crdownload Cookbook: default.jbs Time: 22:58:07 Date: 08/11/2017 Version:


ID: Sample Name: gpg4win exe.sig Cookbook: default.jbs Time: 21:44:31 Date: 02/02/2018 Version:


ID: Sample Name:._k.php Cookbook: default.jbs Time: 05:41:18 Date: 25/04/2018 Version:


ID: Sample Name: INDUSTRIAL.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 02:35:30 Date: 25/04/2018 Version: 22.0.


ID: Sample Name: paint.net install.exe Cookbook: default.jbs Time: 00:46:01 Date: 01/12/2017 Version:


ID: Sample Name: SSB SBV Daily Report - Logistics Template DEC '17 (8).xlsm Cookbook: defaultwindowsofficecookbook.jbs Time: 06:35:29 Date:


ID: Sample Name: wtf.bat Cookbook: default.jbs Time: 18:32:35 Date: 19/05/2018 Version:


ID: Sample Name: PO xls Cookbook: defaultwindowsofficecookbook.jbs Time: 03:13:36 Date: 08/01/2018 Version:


ID: Sample Name: oq5wdjgk2r.exe Cookbook: default.jbs Time: 20:25:47 Date: 22/11/2017 Version:
