flash

jvnfring.msi

Status: finished
Submission Time: 02.06.2020 19:35:30
Malicious
Trojan
Evader
GuLoader

Comments

Tags

Details

  • Analysis ID:
    235069
  • API (Web) ID:
    366240
  • Analysis Started:
    02.06.2020 19:35:31
  • Analysis Finished:
    02.06.2020 19:44:08
  • MD5:
    9dc595745b7f64aab36db980651e9734
  • SHA1:
    23b77cc0f6db594bcb825b3d7893b7c94d7aefc0
  • SHA256:
    98238dda51c0fe9b75939b5c2e287e0ad6e6005a8817477b0e82fb20df0401d2
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Java 8.0.1440.1, Flash 30.0.0.113)

malicious
76/100

System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113
Run Condition: Potential for more IOCs and behavior

malicious
72/100

malicious
7/61

malicious
14/48

URLs

Name Detection
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
http://crl.entrust.net/server1.crl0
http://ocsp.entrust.net03
Click to see the 11 hidden entries
http://ocsp.pki.goog/gts1o10
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
http://pki.goog/gsr2/GTS1O1.crt0
http://www.diginotar.nl/cps/pkioverheid0
http://crl.pki.goog/gsr2/gsr2.crl0?
http://ocsp.pki.goog/gsr202
https://pki.goog/repository/0
http://ocsp.entrust.net0D
https://secure.comodo.com/CPS0
http://crl.pki.goog/GTS1O1.crl0
http://crl.entrust.net/2048ca.crl0

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\YE6QQA4P.txt
ASCII text
#