Register Login

sloganpng

top title background image

http://fingahvf.top/advertisers.js

Status: finished

Submission Time: 2020-05-28 17:12:00 +02:00

Malicious

Comments

Tags

Details

Analysis ID:
233909
API (Web) ID:
363969
Analysis Started:

2020-05-28 17:12:01 +02:00
Analysis Finished:

2020-05-28 17:15:57 +02:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 56	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 5/80

IPs

IP	Country	Detection
142.0.197.108	United States

Domains

Name	IP	Detection
fingahvf.top	142.0.197.108

URLs

Name	Detection
http://fingahvf.top/advertisers.js

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1163FBAC-A141-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1163FBAE-A141-11EA-AADD-C25F135D3C65}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\advertisers.js.o3aw515.partial:Zone.Identifier	ASCII text, with CRLF line terminators	#
Click to see the 4 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\advertisers.js:Zone.Identifier	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\~DF8ABBD08CCB4452D7.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DFDB46AEB8125D9DC6.TMP	data	#