flash

http://fingahvf.top/advertisers.js

Status: finished
Submission Time: 28.05.2020 17:12:00
Malicious

Comments

Tags

Details

  • Analysis ID:
    233909
  • API (Web) ID:
    363969
  • Analysis Started:
    28.05.2020 17:12:01
  • Analysis Finished:
    28.05.2020 17:15:57
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113

malicious
56/100

malicious
5/80

IPs

IP Country Detection
142.0.197.108
United States

Domains

Name IP Detection
fingahvf.top
142.0.197.108

URLs

Name Detection
http://fingahvf.top/advertisers.js

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1163FBAC-A141-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1163FBAE-A141-11EA-AADD-C25F135D3C65}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\advertisers.js.o3aw515.partial:Zone.Identifier
ASCII text, with CRLF line terminators
#
Click to see the 4 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\advertisers.js:Zone.Identifier
very short file (no magic)
#
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\~DF8ABBD08CCB4452D7.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFDB46AEB8125D9DC6.TMP
data
#