flash

CTO-DTU-20200521-01A - COVID-19 IoCs.pdf

Status: finished
Submission Time: 21.05.2020 16:25:45
Malicious

Comments

Tags

Details

  • Analysis ID:
    232128
  • API (Web) ID:
    360515
  • Analysis Started:
    21.05.2020 16:31:20
  • Analysis Finished:
    21.05.2020 16:37:06
  • MD5:
    048e7b86eb7ee7afce1b35e3cbc64738
  • SHA1:
    8edeec8cb402a476ed2c985bfcf17b2cebb0050e
  • SHA256:
    45afc595af983781880bebf773559c12614d1e44aa282ba09f2622dabd9f0f6a
  • Technologies:
Full Report Engine Info Verdict Score Reports

Error: Incomplete analysis, please check the report for detailed error information
System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113

malicious
48/100

malicious
5/80

IPs

IP Country Detection
104.24.109.135
United States

Domains

Name IP Detection
maylnk.ml
104.24.108.135

URLs

Name Detection
http://maylnk.ml/DBY/five/fre.phpRoot
http://maylnk.ml/DBY/five/fre.php
http://www.wikipedia.com/
Click to see the 6 hidden entries
http://www.amazon.com/
http://www.nytimes.com/
http://www.live.com/
http://www.reddit.com/
http://www.twitter.com/
http://www.youtube.com/

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\info_48[1]
PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\ErrorPageTemplate[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\background_gradient[1]
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3
#
Click to see the 28 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\httpErrorPagesScripts[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\http_404[1]
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\bullet[1]
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Temp\AdobeARM.log
ASCII text, with CRLF, CR line terminators
#
C:\Users\user\AppData\Local\Temp\ArmUI.ini
Little-endian UTF-16 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\~DF14885E9D577C4C0E.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFEC589F165BA7D3E6.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFF61DE5FC39039026.TMP
data
#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Cache\data_1
data
#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
ASCII text
#
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
data
#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-200521233240Z-223.bmp
PC bitmap, Windows 3.x format, 107 x -152 x 32
#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
SQLite 3.x database, last written using SQLite version 3024000
#
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
data
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7E6CEEE0-9BBB-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7E6CEEE2-9BBB-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{84F6A0AB-9BBB-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\down[1]
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\errorPageStrings[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#