Automated Malware Analysis Executive Report for https://covid-sheets-mirror.web.app - Generated by Joe Sandbox

General Information

Date:17.05.2020
Duration:0h 2m 33s
Sample URL:https://covid-sheets-mirror.web.app
Cookbook:browseurl.jbs
Icon:No Icon
Filetype:unknown

Detection

CLEAN

- Found 0 malicious signatures
- Contacts 3 domains/IPs
- Launches 2 processes
- Drops 16 files

Signature Overview

Loading... Additional Content is being loaded

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Classification

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Country	Flag	ASN	ASN Name	Malicious
151.101.1.195	United States		54113	unknown	false

Contacted Domains

Name	IP	Active
covid-sheets-mirror.web.app	151.101.1.195	true
favicon.ico	unknown	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AFECBB40-9866-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	E91D0EB19149AF5DCF843D872F292057	32D3FCCC8AEC1B60BEEE3C1143598CF965693EB4	A1FED3195A7C7AA471A3E717DDFCB9120D92A9AB1C9CBBAEF57A3C53795005F7
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AFECBB42-9866-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	1C07CDC6E85C0BB97F52CFE2930AE194	C3B001325CF17DC6DB44C52E665E23E8DB5A6CB4	2CA005138EAD022148B62902D5C3E8B82E37D0EC0B63A55CB6F6AA1B32B89D48
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AFECBB43-9866-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	215FBBE8BD0694E9664816F2DA974F11	DEC3DB9AEC845D579C5E1603A979676C5623E1F8	E40C391ED2903EC9D5C3B96FF4D43CF9B7D382F45B7CBC0CF5002EF0B0AE5D78
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	F2D5A084B530010874D732063A45D425	F2C30B2128C5C03A81508910313759ED5ECF6BB2	35485117CB8A4A4B8246D41845B24613E9A9F0B8115B967CE4543726A2C35CE5
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	5F8160B4E39BA89EB309501088C9973B	54390E6BAB69EF8F935177E2AD35BC954A2A618D	F4CA5F9DCD369D15C45686C0B4ED7BDE495903C9B001F8AA649F0F285D37ECD1
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	FAC9D56D64597E957970310A42568FC2	147928D8FE77C0F172898A5D5BDA1CA6D7D47AD5	8B4F82F423D29F00A0EFC4D210EFCD7026A31A43C7FB6FE68B687A7609B7C1D6
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	B2D5A4F23C28BDEF45B3B681CB8289B1	CC63B268BE14F8F269094B10BFF9629EA93140F0	BE2682A34496118E49D31A2841F0859ABB8D8A69CE6D15BA017F5745A7C70AD8
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	DD3F9197B1DCFEFE40547D6C1B5CBC9D	A9420411B8E002349E23CB0D3594FA3C103EA7FA	BFAEF3D55FC43BC2FD3472BFB084692829B89464F2FBEA0A8980D6B1ABC0046A
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	52119B4D215C8BAD7662BEFC5CE1E88D	092653191F729AF9CDDA53F5978A9C7723A7C290	89CA00BE91CB44CA2E8493BF6476F3B83715DEEFE54F8D86F414EB4172D1099C
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	2D3EC9EF5067425202E9DBB481F911CA	91D635D0A2A466BE07EE2851768C80B38E6AED6D	E5184ACD1ECFD8C3C1989BB2645055A5007CF60C7BB5CAAE1A681D85A0BD47E4
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	D19034EF0FA86511D80FFC2F97AB78F7	683C90E101EDAFA8EDE2A4ED1BEAFE1CB221D18B	35E11A03B9B87803BF25443AA99006D9723D14ACE92C97E549F141CE3851EE0F
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	D8B1C9D3757847AAC8B506AE54D1EA42	EBD76040CD4470E5BDB4D94B868A9D1540225651	CE3DC80EC25A4752B76E49FE757A45B3AD8E32777BF4F2C692D16507CDA03FE2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\6X5N4J9G.htm	HTML document, ASCII text, with CRLF line terminators	CA4061A139C209DD4AF9528B4B9EE895	D14FF75707DF7D8C672599B1005D3B6F728BE68B	2F96A05DEBBE4E482069B6405FC1D7CF9D8D1E7079A8B49B0220F6C3482566B0
C:\Users\user\AppData\Local\Temp\~DF301266EA2ECCB129.TMP	data	79936D0AD397D8A67D39689CCF284644	74A53D42D9D9592C1515B323EA84D47494398CBA	B2C6C128089C472125EE90D8B935F86A0098157DCADD4C955906C898BFE4ACA5
C:\Users\user\AppData\Local\Temp\~DF48DCC426396F21C1.TMP	data	8CFC9345FBA5CAE19B31F189C1D86C56	D3DCCCAA29879993F1DCBE59DC65A8FB253AE3CD	C751FD6E29F4492B7369235A5054D798FC44802A89E02D6690C4A53EB8107CCC
C:\Users\user\AppData\Local\Temp\~DFFA15A93B6260BE21.TMP	data	1F76B39AD2308966BA9697CF8A97645A	2702124E771626E00C77D42F16BE5DD10D640EC0	B8F8DEE2CCCF8AF865186E11C88C4F9797ABAE05DAF47606EE59807CB6E0A2B2

Networking:

System Summary: