Analysis Report · CAPE Sandbox

Analysis Details

Category	Package	Started	Completed	Duration	Options	Logs
FILE	edge	2026-06-29 16:59:18	2026-06-29 16:59:36	18s
Reports	JSON

Options

vnc_port=5900

Analysis Log

2026-06-29 14:58:58,588 [root] INFO: Date set to: 20260629T16:59:22, timeout set to: 200
2026-06-29 16:59:22,387 [root] DEBUG: Starting analyzer from: C:\7d7wfxi0
2026-06-29 16:59:22,388 [root] DEBUG: Storing results at: C:\xUytmwVfoP
2026-06-29 16:59:22,389 [root] DEBUG: Pipe server name: \\.\PIPE\EcXQecBoz
2026-06-29 16:59:22,389 [root] DEBUG: Python path: C:\Users\Rajesh\AppData\Local\Programs\Python\Python314
2026-06-29 16:59:22,390 [root] INFO: analysis running as an admin
2026-06-29 16:59:22,390 [root] INFO: analysis package specified: "edge"
2026-06-29 16:59:22,391 [root] DEBUG: importing analysis package module: "modules.packages.edge"...
2026-06-29 16:59:22,396 [root] DEBUG: imported analysis package "edge"
2026-06-29 16:59:22,396 [root] DEBUG: initializing analysis package "edge"...
2026-06-29 16:59:22,413 [lib.common.common] INFO: no wrapping
2026-06-29 16:59:22,423 [lib.core.compound] INFO: C:\Users\Rajesh\AppData\Local\Temp already exists, skipping creation
2026-06-29 16:59:22,451 [root] DEBUG: New location of moved file: C:\Users\Rajesh\AppData\Local\Temp\philip website fixed.html
2026-06-29 16:59:22,452 [root] INFO: Analyzer: Package modules.packages.edge does not specify a dll option
2026-06-29 16:59:22,452 [root] INFO: Analyzer: Package modules.packages.edge does not specify a dll_64 option
2026-06-29 16:59:22,452 [root] INFO: Analyzer: Package modules.packages.edge does not specify a loader option
2026-06-29 16:59:22,452 [root] INFO: Analyzer: Package modules.packages.edge does not specify a loader_64 option
2026-06-29 16:59:22,470 [root] DEBUG: Imported auxiliary module "modules.auxiliary.browser"
2026-06-29 16:59:22,476 [root] DEBUG: Imported auxiliary module "modules.auxiliary.digisig"
2026-06-29 16:59:22,509 [root] DEBUG: Imported auxiliary module "modules.auxiliary.disguise"
2026-06-29 16:59:22,802 [root] DEBUG: Imported auxiliary module "modules.auxiliary.human"
2026-06-29 16:59:22,810 [lib.api.screenshot] DEBUG: Importing 'PIL.ImageChops'
2026-06-29 16:59:22,811 [lib.api.screenshot] ERROR: No module named 'PIL'
2026-06-29 16:59:22,812 [root] DEBUG: Imported auxiliary module "modules.auxiliary.screenshots"
2026-06-29 16:59:22,815 [root] DEBUG: Imported auxiliary module "modules.auxiliary.tlsdump"
2026-06-29 16:59:22,815 [root] DEBUG: Initialized auxiliary module "Browser"
2026-06-29 16:59:22,816 [root] DEBUG: attempting to configure 'Browser' from data
2026-06-29 16:59:22,817 [root] DEBUG: module Browser does not support data configuration, ignoring
2026-06-29 16:59:22,817 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.browser"...
2026-06-29 16:59:22,828 [root] DEBUG: Started auxiliary module modules.auxiliary.browser
2026-06-29 16:59:22,829 [root] DEBUG: Initialized auxiliary module "DigiSig"
2026-06-29 16:59:22,829 [root] DEBUG: attempting to configure 'DigiSig' from data
2026-06-29 16:59:22,829 [root] DEBUG: module DigiSig does not support data configuration, ignoring
2026-06-29 16:59:22,829 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.digisig"...
2026-06-29 16:59:22,830 [modules.auxiliary.digisig] DEBUG: Checking for a digital signature
2026-06-29 16:59:23,273 [modules.auxiliary.digisig] DEBUG: File has an invalid signature
2026-06-29 16:59:23,273 [modules.auxiliary.digisig] INFO: Uploading signature results to aux/DigiSig.json
2026-06-29 16:59:23,276 [root] DEBUG: Started auxiliary module modules.auxiliary.digisig
2026-06-29 16:59:23,276 [root] DEBUG: Initialized auxiliary module "Disguise"
2026-06-29 16:59:23,277 [root] DEBUG: attempting to configure 'Disguise' from data
2026-06-29 16:59:23,277 [root] DEBUG: module Disguise does not support data configuration, ignoring
2026-06-29 16:59:23,277 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.disguise"...
2026-06-29 16:59:23,283 [modules.auxiliary.disguise] INFO: Launched background process notepad.exe hidden (PID: 2264)
2026-06-29 16:59:23,288 [modules.auxiliary.disguise] INFO: Disguising GUID to 66c92be0-096a-4693-b2f4-39ea0ebbe16e
2026-06-29 16:59:23,288 [root] DEBUG: Started auxiliary module modules.auxiliary.disguise
2026-06-29 16:59:23,289 [root] DEBUG: Initialized auxiliary module "Human"
2026-06-29 16:59:23,289 [root] DEBUG: attempting to configure 'Human' from data
2026-06-29 16:59:23,290 [root] DEBUG: module Human does not support data configuration, ignoring
2026-06-29 16:59:23,290 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.human"...
2026-06-29 16:59:23,347 [root] DEBUG: Started auxiliary module modules.auxiliary.human
2026-06-29 16:59:23,347 [root] DEBUG: Initialized auxiliary module "Screenshots"
2026-06-29 16:59:23,347 [root] DEBUG: attempting to configure 'Screenshots' from data
2026-06-29 16:59:23,348 [root] DEBUG: module Screenshots does not support data configuration, ignoring
2026-06-29 16:59:23,348 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.screenshots"...
2026-06-29 16:59:23,355 [modules.auxiliary.screenshots] WARNING: Python Image Library is not installed, screenshots are disabled
2026-06-29 16:59:23,356 [root] DEBUG: Started auxiliary module modules.auxiliary.screenshots
2026-06-29 16:59:23,356 [root] DEBUG: Initialized auxiliary module "TLSDumpMasterSecrets"
2026-06-29 16:59:23,356 [root] DEBUG: attempting to configure 'TLSDumpMasterSecrets' from data
2026-06-29 16:59:23,356 [root] DEBUG: module TLSDumpMasterSecrets does not support data configuration, ignoring
2026-06-29 16:59:23,357 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.tlsdump"...
2026-06-29 16:59:23,358 [modules.auxiliary.tlsdump] WARNING: Unable to find lsass.exe process
2026-06-29 16:59:23,359 [root] DEBUG: Started auxiliary module modules.auxiliary.tlsdump
2026-06-29 16:59:29,271 [root] INFO: Restarting WMI Service
2026-06-29 16:59:31,401 [root] DEBUG: package modules.packages.edge does not support configure, ignoring
2026-06-29 16:59:31,403 [root] WARNING: configuration error for package modules.packages.edge: error importing data.packages.edge: No module named 'data.packages'
2026-06-29 16:59:31,404 [root] ERROR: You probably submitted the job with wrong package
Traceback (most recent call last):
  File "C:\7d7wfxi0/analyzer.py", line 688, in run
    pids = self.package.start(self.target)
  File "C:\7d7wfxi0\modules\packages\edge.py", line 14, in start
    edge = self.get_path("msedge.exe")
  File "C:\7d7wfxi0\lib\common\abstracts.py", line 142, in get_path
    raise CuckooPackageError(f"Unable to find any {application} executable")
lib.common.exceptions.CuckooPackageError: Unable to find any msedge.exe executable

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "C:\7d7wfxi0/analyzer.py", line 1598, in <module>
    success = analyzer.run()
  File "C:\7d7wfxi0/analyzer.py", line 692, in run
    raise CuckooError(f'The package "{self.package_name}" start function raised an error: {e}') from e
lib.common.exceptions.CuckooError: The package "modules.packages.edge" start function raised an error: Unable to find any msedge.exe executable
2026-06-29 16:59:31,513 [root] WARNING: Folder at path "C:\xUytmwVfoP\debugger" does not exist, skipping
2026-06-29 16:59:31,514 [root] WARNING: Folder at path "C:\xUytmwVfoP\tlsdump" does not exist, skipping
2026-06-29 16:59:31,514 [root] INFO: Analysis completed

Process Log

Pre-Script Log

During-Script Log

Machine Information

Name	Label	Manager	Started On	Shutdown On	Route
win10	win10	KVM	2026-06-29 16:59:18	2026-06-29 16:59:35	`internet`

File Details

File Information

File Name	philip website fixed.html
File Type	HTML document, ASCII text
File Size	771 bytes
MD5	0332a12a029770f3118f9f346bf46dfe
SHA1	c7efd61451c78ffd91b317cd325ccfb972675e5d
SHA256	076775d4cc29dcc6bfb09ffcfe5d423ebf13310c4aa17c9bf3ed8bd4f9eab0d2 VT MWDB Bazaar
SHA3-384	26749ffc9c66975cea7ab1994253035ca475698534ecdac0ca8a49b4042fe024fec7fbb200deb4073b97249375f09beb
CRC32	FD52D484
TLSH	T12F0120B7F094A5BB9E17F49EA807BAADC3817021A06655AC318C98C3F6C9F66C2420D1
Ssdeep	24:ZoEaGW3TgGeiVGnM8cBRdNQ8eAW9mCm8L:Zl9IWioM8AeAH8L

Tools: Extract: BinGraph Text

Extracted Text

<center><h1><u>The Philip Adams Website</u></h1>
<p>Click the word <a href='https://www.youtube.com/osfirsttimer'>YouTube</a> to visit the best thing on the YouTube website</p>
<h2><p>Check out this google logo</p></h2>
<a href='https://www.google.com.au/'><img src='https://www.google.com.au/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png'alt='Google'/>
</a><p><i>Click on the google logo to visit google website</i></p>

<table border="9>

<td bgcolor="red">Windows 95</td><td bgcolor="rainbow">Windows 98</td><td bgcolor="lightblue">Windows 2000<td bgcolor="yellow">Windows XP</td><td bgcolor="pink">Windows 8</td>
</table>

<MARQUEE WIDTH=460 HEIGHT=50>
Philip's silly website!!!
</MARQUEE>

<p><font size=9 face="Impact">Copyright Diana 2017</font></p>

Processing 0.51s

0.494s CAPE
0.01s AnalysisInfo
0.007s NetworkAnalysis
0.002s BehaviorAnalysis
0.001s Debug

Signatures 0.03s

0.006s ransomware_files
0.004s ransomware_extensions_known
0.002s antiav_detectreg
0.002s territorial_disputes_sigs
0.001s antianalysis_detectfile
0.001s antianalysis_detectreg
0.001s antiav_detectfile
0.001s antivm_vbox_files
0.001s browser_security
0.001s disables_backups
0.001s disables_browser_warn
0.001s infostealer_bitcoin
0.001s infostealer_ftp
0.001s infostealer_im
0.001s infostealer_mail
0.001s masquerade_process_name

Reporting 0.00s

0.001s JsonDump

Signatures

Sample contains empty HTML title

string		Empty HTML title

Screenshots

Hosts

Direct	IP	Country Name	ASN
Y	151.101.206.172 [VT]	unknown	-
Y	20.190.159.23 [VT]	unknown	-

No behavioral analysis data available.

Sorry! No strace.

Sorry! No tracee.

Hosts (0)
DNS (0)

Hosts

No hosts contacted.

TCP Connections

No TCP connections recorded.

UDP Connections

No UDP connections recorded.

DNS Requests

No domains contacted.

HTTP Requests

No HTTP(s) requests performed.

SMTP Traffic

No SMTP traffic performed.

IRC Traffic

No IRC requests performed.

ICMP Traffic

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No Suricata Extracted files.

No dropped files found.

Sorry! No process dumps.

Analysis Details

Options

Analysis Log

Process Log

Pre-Script Log

During-Script Log

Machine Information

File Details

File Information

Extracted Text

Statistics 0.54s

Signatures

Screenshots

Hosts

Hosts

TCP Connections

UDP Connections

DNS Requests

HTTP Requests

SMTP Traffic

IRC Traffic

ICMP Traffic

CIF Results

Suricata Alerts

Suricata TLS

Suricata HTTP