General Information

  • Date:17.05.2020
  • Duration:0h 2m 33s
  • Sample URL:https://covid-sheets-mirror.web.app
  • Cookbook:browseurl.jbs
  • Icon:No Icon
  • Filetype:unknown

Detection

CLEAN
    • Found 0 malicious signatures
    • Contacts 3 domains/IPs
    • Launches 2 processes
    • Drops 16 files

Signature Overview

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 230857 URL: https://covid-sheets-mirror... Startdate: 17/05/2020 Architecture: WINDOWS Score: 0 11 favicon.ico 2->11 6 iexplore.exe 3 84 2->6         started        process3 process4 8 iexplore.exe 2 31 6->8         started        dnsIp5 13 covid-sheets-mirror.web.app 151.101.1.195, 443, 49745, 49746 unknown United States 8->13
    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Contacted Public IPs

    IP Country Flag ASN ASN Name Malicious
    151.101.1.195
    United States
    54113 unknown false

    Contacted Domains

    Name IP Active
    covid-sheets-mirror.web.app 151.101.1.195 true
    favicon.ico unknown unknown