flash

Coronavirus_Informations.doc

Status: finished
Submission Time: 20.05.2020 19:27:16
Malicious
Exploiter
Evader

Comments

Tags

Details

  • Analysis ID:
    231880
  • API (Web) ID:
    360039
  • Analysis Started:
    20.05.2020 19:27:18
  • Analysis Finished:
    20.05.2020 19:43:29
  • MD5:
    76f3c60b0b43fae102429089bac9534c
  • SHA1:
    be29d54e1afaea92533f298d8dd7eefebe0f5142
  • SHA256:
    ef3c121f331152da56729bd8d2cf2ebb4179d23a90c211c85b2600d729e4b81a
  • Technologies:
Full Report Engine Info Verdict Score Reports

malicious

System: Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Java 8.0.1440.1, Flash 30.0.0.113)

malicious
100/100

malicious
30/61

malicious
23/48

IPs

IP Country Detection
54.36.91.62
France

Domains

Name IP Detection
scjtt.fr
54.36.91.62

URLs

Name Detection
https://scjtt.fr/pdf/test.exe
https://scjtt.fr/pdf/
https://aka.ms/dotnet-core-applaunch?
Click to see the 2 hidden entries
https://github.com/dotnet/corefx/issues/13607
https://aka.ms/dotnet-core-applaunch?framework=&framework_version=missing_runtime=true&arch=&rid=%c

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2GREE77\test[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.TextWriterTraceListener.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.Tools.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.TraceSource.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.Tracing.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Drawing.Common.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Drawing.Primitives.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Drawing.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Dynamic.Runtime.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Globalization.Calendars.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Globalization.Extensions.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Globalization.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.Compression.Brotli.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.Compression.FileSystem.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.Compression.ZipFile.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.Compression.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.FileSystem.AccessControl.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.FileSystem.DriveInfo.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.FileSystem.Primitives.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.FileSystem.Watcher.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.FileSystem.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.IsolatedStorage.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.MemoryMappedFiles.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.Pipes.AccessControl.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.Pipes.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.UnmanagedMemoryStream.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.IO.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Linq.Expressions.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Linq.Parallel.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Linq.Queryable.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Linq.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Memory.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.Http.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.HttpListener.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.Mail.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.NameResolution.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.NetworkInformation.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.Ping.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.Primitives.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.Requests.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.Security.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.ServicePoint.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.Sockets.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.WebClient.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.WebHeaderCollection.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.WebProxy.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.WebSockets.Client.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.WebSockets.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Net.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Numerics.Vectors.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Numerics.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.ObjectModel.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Private.CoreLib.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Private.DataContractSerialization.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 57243 bytes, 1 file
#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
data
#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\C83F6BF3.wmf
Targa image data - Map - RLE 65536 x 65536 x 0 "\004"
#
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\FAF64D58.wmf
Targa image data - Map - RLE 65536 x 65536 x 0 "\004"
#
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{7C41DF5F-2596-49C6-9EEA-E50E89D356AA}.tmp
data
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\API-MS-Win-core-xstate-l2-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Commun.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.CSharp.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.CodeAnalysis.CSharp.Scripting.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.CodeAnalysis.CSharp.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.CodeAnalysis.Scripting.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.CodeAnalysis.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.DiaSymReader.Native.x86.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.VisualBasic.Core.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.VisualBasic.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.Win32.Primitives.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.Win32.Registry.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\Microsoft.Win32.SystemEvents.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\SOS_README.md
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.AppContext.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Buffers.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Collections.Concurrent.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Collections.Immutable.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Collections.NonGeneric.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Collections.Specialized.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Collections.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.ComponentModel.Annotations.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.ComponentModel.DataAnnotations.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.ComponentModel.EventBasedAsync.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.ComponentModel.Primitives.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.ComponentModel.TypeConverter.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.ComponentModel.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Configuration.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Console.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Core.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Data.Common.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Data.DataSetExtensions.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Data.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.Contracts.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.Debug.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.DiagnosticSource.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.FileVersionInfo.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.Process.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\.net\battery\94c\System.Diagnostics.StackTrace.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
#