CTO-DTU-20200521-01A - COVID-19 IoCs.pdf

Status: finished

Submission Time: 2020-05-21 16:25:45 +02:00

Malicious

Comments

Details

Analysis ID:
232128
API (Web) ID:
360515
Analysis Started:

2020-05-21 16:31:20 +02:00
Analysis Finished:

2020-05-21 16:37:06 +02:00
MD5:
048e7b86eb7ee7afce1b35e3cbc64738
SHA1:
8edeec8cb402a476ed2c985bfcf17b2cebb0050e
SHA256:
45afc595af983781880bebf773559c12614d1e44aa282ba09f2622dabd9f0f6a
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 48	Error: Incomplete analysis, please check the report for detailed error information System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 5/80

IPs

IP	Country	Detection
104.24.109.135	United States

Domains

Name	IP	Detection
maylnk.ml	104.24.108.135

URLs

Name	Detection
http://maylnk.ml/DBY/five/fre.phpRoot
http://maylnk.ml/DBY/five/fre.php
http://www.wikipedia.com/
Click to see the 6 hidden entries
http://www.amazon.com/
http://www.nytimes.com/
http://www.live.com/
http://www.reddit.com/
http://www.twitter.com/
http://www.youtube.com/

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\~DFF61DE5FC39039026.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DFEC589F165BA7D3E6.TMP	data	#
Click to see the 28 hidden entries
C:\Users\user\AppData\Local\Temp\~DF14885E9D577C4C0E.TMP	data	#
C:\Users\user\AppData\Local\Temp\ArmUI.ini	Little-endian UTF-16 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\AdobeARM.log	ASCII text, with CRLF, CR line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\bullet[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\http_404[1]	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\background_gradient[1]	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\ErrorPageTemplate[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\info_48[1]	PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\errorPageStrings[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Cache\data_1	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{84F6A0AB-9BBB-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7E6CEEE2-9BBB-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7E6CEEE0-9BBB-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal	data	#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages	SQLite 3.x database, last written using SQLite version 3024000	#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-200521233240Z-223.bmp	PC bitmap, Windows 3.x format, 107 x -152 x 32	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links	data	#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG	ASCII text	#

CTO-DTU-20200521-01A - COVID-19 IoCs.pdf

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

CTO-DTU-20200521-01A - COVID-19 IoCs.pdf Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

CTO-DTU-20200521-01A - COVID-19 IoCs.pdf