top title background image
flash

New document 1.vbs

Status: finished
Submission Time: 2020-04-15 16:45:27 +02:00
Malicious
Evader

Comments

Tags

Details

  • Analysis ID:
    222760
  • API (Web) ID:
    342183
  • Analysis Started:
    2020-04-15 17:06:25 +02:00
  • Analysis Finished:
    2020-04-15 17:11:09 +02:00
  • MD5:
    178275dc6dcee8ec5a93dca4b13cbc80
  • SHA1:
    bbe5bc0886bb6035518fc89deb6687bf9d8ef8dd
  • SHA256:
    b8a2d5181b87d88392ce31d402641799d9c96d0dd7cdc50aee327a6bf009e6ba
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 60
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
104.171.122.125
United States

Domains

Name IP Detection
lic.jjlp.co.uk
104.171.122.125

URLs

Name Detection
https://lic.jjlp.co
https://lic.jjlp.co.uk/platform.html?id=405

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Platform.vbs
ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_odsram35.qkm.ps1
ASCII text, with no line terminators
#
Click to see the 2 hidden entries
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qd3xtu4e.asd.psm1
ASCII text, with no line terminators
#
C:\Users\user\Documents\20200415\PowerShell_transcript.813848.rlo8QWkS.20200415170829.txt
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#