7tE6fC9z6PN7.vbs

Status: finished

Submission Time: 2020-09-17 18:37:49 +02:00

Malicious

Trojan

Evader

Ursnif

Comments

Details

Analysis ID:
287084
API (Web) ID:
469320
Analysis Started:

2020-09-17 18:37:50 +02:00
Analysis Finished:

2020-09-17 18:51:01 +02:00
MD5:
2485093f3b38013cef6bfca5c964a26a
SHA1:
ffe5742583b86f687372d848f3afab29002c87a8
SHA256:
38c962bd221e0017ca95d0de62fc78f9537c83f3d9db90d0c91ffbf3ed3bba1c
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 9/55

IPs

IP	Country	Detection
8.208.101.13	Singapore

Domains

Name	IP	Detection
api10.laptok.at	8.208.101.13

URLs

Name	Detection
http://api10.laptok.at/api1/VOM7yt7FipnIilnrg/uU4p_2BFNCif/XRkXwZZdzCM/Y3sfZBS_2FLe0H/l1qUWacHg0R_2BoMFlwUy/C1HHnvF8_2FIkkQE/EDzvTsJfidl_2BC/kEz75JYE_2BtorIaOK/DArTWR0WK/uJ_2Fj3VbnL1_2B3PYTY/J4XCb0oiLC7u5WAe5ut/GD2Ya_2F2NYX9CZ61U43bi/vfdeDtF6Myq0R/_2Bjlyzl/_2FMLapIwfDL_2BTXuO0ZQd/ZZLWlimmdK/h3_2F_2BHE7HoXEbZ/m2CKmuvXLMNd/cIU_0A_0De5/MuJvdSLVe453gy/gCSlw_2B8DnYZE43MpX3T/e32rLfLFwANEj3UL/8ShF_2BIN8UEbLdX/n0R
http://api10.laptok.at/api1/_2FV_2BRbjGwKFVCh/cEw3fpEWFW8q/i9iRKawpQQq/hAtirlHFny9xio/pYErCMikU89OICHWiSytt/ACac6j90WxmhSGcf/IdUL4alcAWy_2BU/qGD_2Fu6EFRieBije0/J_2F7cQKi/3obgdv1nmt9KWIYEGOuk/bQq_2Bs7C_2BG3wG8uI/nhPH_2BRIM5IgtgzDtZvdd/sdBRdyDPCsz6E/xmzmKrZm/83_2FAL1j6TV6VFwm5GKyoe/QMJMzT_2Bc/yJI2Gq3O8bKLXM_2F/rModWHkxK_0A/_0DaFbYD09n/LfZ7DwcKcNMzPg/NdVJvo58cnd6bi2iKpllP/zZ60rOzsZVVd2Ywa/b8kRyL4H/8
http://api10.laptok.at/api1/Bqf_2FpKuEpdRLn/XNGdL2KtZ1_2BMMSqj/klae0zza4/tCFMaTYdNqrPD10Iz93e/MbW6RJaqNjdggqJxMQZ/A_2FGBf3sHdO9h2sbMvqtK/2uDJABl0StaIz/_2Bwtm9t/GWsnR23Ug8c2fxLlw2AnD8b/LfnrSMnxUM/CLa4_2BP8dSTbqicn/dlafNZUA2Nep/pxktGQC32qA/9iPf0jETYvpHn_/2FkaN_2BiCBKbL3jwsTwd/TAgg0LWdlu7_2Bsq/n5CH8LiQOII60G2/gzMYE_0A_0DC30A83I/_2BNyL3mP/KJRJ1sm0SpGqDMXdA1HJ/bPoPh_2BaUc4ZVqzX3f/AF5Owscvp5SR7ax/jC
Click to see the 20 hidden entries
http://api10.laptok.at/api1/VOM7yt7FipnIilnrg/uU4p_2BFNCif/XRkXwZZdzCM/Y3sfZBS_2FLe0H/l1qUWacHg0R_2B
http://api10.laptok.at/api1/36imwEM15sfuVXNH/_2FHif617F2CqrT/3A2yUnzPQHHbmibMq3/oJ1naKYrV/_2FbRzrfaq
http://api10.laptok.at/api1/vneWXWsUaw0/NO0PofGBRaxvag/dy5F9_2Fud_2F8g3P5SHa/jRVfdi2KC6QRM62v/QyczX_2BzrObXRX/L3ToSTV1vhPmQpkx5N/jzmiZRdf_/2FNG6Ad59ohGbuZkLk0j/M5SPQlyQgPXxXVhxEFn/i6NY6DUXk9MXVrZWrVMVY_/2FOY79Idx_2F8/q7cKj7sh/g0_2FF93m1V0K4l4mzRQJBh/1i7KkmzH1r/qhNx9LWGM0HG4GaHF/ecrMyv8OII86/FXlTJra_2FO/BvYo94cOj_0A_0/D3R7letsBBcdDdBHTsDvk/uje9Dfjr0aRVrKwG/KLBKNtHI50vVgvF/vlkWBLM2V/BU4rkjwT
http://api10.laptok.at/api1/mpN4Iyg7GnvL_2FW/yjL_2F3dEH1FMAG/kdCYENDeFPFLTWkGvh/rJz4yzMSy/_2FnlfC92R
http://api10.laptok.at/api1/aZkGgPItQCViOb5/TcY999_2BQl2Tvr6tM/bE2CA2hz4/M6bOAaNJuXGdza0OUSdE/wGnTn7qiBNIYh6LxRYc/dadejFuVJRLRb0CFmleR16/u2D_2B_2BA10e/B4fQAh8K/5zdznMQ7sxhOgf5Vc22Rk6J/EVRUgWibFi/W9BbpYMwKJUFYnztB/cbK4N8B_2FuS/1irnSisrTmu/aEaUHaIUc44ykk/2HKQEra0Ku3PasZnDqDLc/YeHIzJqtIkEcyIzH/UGWpRvo2vZpy_0A/_0DV3jl48YbQEyCxbB/9elY3H6Mv/OUvXJCxsfk4oIVImqu/TL2E3
http://api10.laptok.at/api1/ZEfaca4GmVTTaSwWNT/sTPLpD7bp/pKzr87qLwhyqQlBq6_2F/CrivbAaVh6ULkHm1nA0/eBAyr7jn61gMH_2BbLQCg2/qyNJRkfYYPss8/Eopx4Gsh/p0KBs5ZnFncexNX5mN9Z7n5/IrPdhUF6JQ/WjG9_2FGyl4_2Fhaa/444YqHq7gahn/VKvNzC6XDNF/1EoZVmfrRQCPvT/L52w0_2FmyTO2VRCG1ibi/pN1UbkNxajSQN0_2/B4QC_2FSKDEnqP_/2FeLoyzwhkx86mrbjj/8x_0A_0D7/qY1aoBykg96n7tvy_2Bz/09_2FiiGRDv5y_2B2U7/cvzaz89_2F4VUHDWsUn_2B/OjDiZsqfU_2/Bgz2flM
http://api10.laptok.at/api1/36imwEM15sfuVXNH/_2FHif617F2CqrT/3A2yUnzPQHHbmibMq3/oJ1naKYrV/_2FbRzrfaq2C_2BDL5Da/3ZV7DLiRzY4E5ttR5N0/C49KikDWU58USwAegJ9QF5/fmP5eskvtIp90/XeCPgEx3/ZlycYSIqAeaG_2FZhdtWr_2/FIv4JHA0v7/Q_2BKu4c2bpTQpMJJ/6EOM1iVas56I/3D6g7OgCSj8/yEToNqroCG9k5y/3f2Xqy4DoJLKW_2F4r36v/eMKsIBWbeH_2FLKL/4gtF_0A_0D7sqip/oOwfHm39ol1SSM2r2F/9dazBTGH0/q9hZg2mcFCcY5kL9Ugfb/m_2FANC3tdJ/jS_2FTv2/L
http://api10.laptok.at/api1/Gbaa1_2BEgT3wMEzkG/jpyTdqzh9/zCAoWlKrKbM7W_2BKLdP/lW7416LzPL2tPiSB1ac/PNRdrpcCtrf8C028VaRyXQ/92vBe4OodaKCB/HI7vvqow/q3RDOlLcX6YXwtTx9nPFQYi/_2F_2Bx2bL/mbmAO_2Fo3_2FZIQt/A3OCQgeAy80_/2BDUJpa9SeC/CpxtcrdMtmBeyw/U9QzEjT_2Fy0RN_2BvvR3/0D6l7idSa2VFurQj/qiOCVlxT8jFhGy1/qbp3IQQYlHnrCWHnyg/woEu_0A_0/DqLMgegMGzGFefKKjHaU/f5_2FN5tG5Xibz0joc3/N1OSf6qho/ZS
http://api10.laptok.at/api1/eqylrP2S3p1iQjeimwv_/2Fiud2pRldKoxstyA1G/PV2dX2_2BT658iOKeF7m64/aiUidsQczb4gW/aItRlUmR/dIncfJNfHANjIlS5vGWvjn2/yQDbnCa8qm/E4U_2F1qqxAEjfx8G/b89VsTIzxMCj/3xoqmtzJ_2F/R4_2FiodRKcbLw/4dWJKGUVPfq8_2FC6gzZ7/7qZFw1bhIJ7SJsRb/Gmg3cp6XrTE9_2F/b_2FqvplqYD0p4t8ri/5oenvi2k9/Ma7rlwyOyCPo4tTrxEV_/2B_0A_0DaJW_2FB3po8/SwHB6ZjMq04PIyVp420mNp/xYvfPQXylJI17/f7YFVjTf/o6QrQceaAIqhvFG/O
http://api10.laptok.at/api1/439W358DyVRY5TG/ZLAacXqHPj1Z_2F05V/xzRR4yeyD/hSJ9qqHE62M6R4boLFuw/X1IwFpiFBSlir3ecr_2/FzKtnARCN_2FkTgtOfB1CW/pItjr4pjeIYxv/EF_2BXS7/O_2FKF85TjHT611rw0wL62i/_2Ft_2FP_2/BnpwXD9fm_2B6wbbL/iuBayH9ztMax/ciYj9bLTH6b/dqGmvnwEER5ceL/Y_2FwTRnNCupyDl7NMV4U/7KHzax9aVsIc44nG/2EeZ0igpOey_2BI/hlvl3Zn76Rw_0A_0DI/FwCUtb6zJ/HN5fFFc2RTW_2BqZVK6i/X59I_2Bm4LsgaaTg0X/eq8
http://api10.laptok.at/api1/vneWXWsUaw0/NO0PofGBRaxvag/dy5F9_2Fud_2F8g3P5SHa/jRVfdi2KC6QRM62v/QyczX_
http://api10.laptok.at/api1/dpSUwbfjli/Lwm1kGtAP53eVDyEj/6byKNJQUifB3/_2FdNFXecEG/EKGvgP4h1P_2B6/kY8_2Fy0ETLIr3GTK8tMf/LXMhsOSQEvcHZaBU/_2FY3zTq7z5E4EH/qPJNDvp8btYQYPP88V/bDO5p3D5q/LqeUJ5Dd2208ux3fvMUX/RFDLkdl7jpaCiidmLll/fQVNrr2B5hLGPi8mnzgern/LZ52_2BMrHkNg/kQNNZi_2/BnfVBQN_2BvLXDjsF4M0XDH/dNFqwLfFw3/MSx_2BXVCV_0A_0Dk/DpqJPskcllWK/hqgUALUd4Pt/FtvicGyald_2Be/bfq2Z4p_2BEroS_2FdXS1/lABDuV6hqDuNJ/l4
http://api10.laptok.at/api1/cCqlk_2Bpk_2BTp/tTtH_2BAs87EVy_2Fe/XwD5J57F0/wFFujMxzpkfIo75MuZz1/R4DglAzgughi0ZYZuR9/aymqJsw3AwMCwBWsUo3Uh1/Uuuh9iHBxh15S/a0QTpkrn/fB7mirIlDH_2BhrHbcDB25H/WZTfQ4lEa0/xq60qAtaFdnOtpuQM/oufEnp4J_2FL/J6PFibYMvi4/ljdCAGmdBcfkMI/_2BK0X7ztPXAjRa3ChMAY/NUSQUxfMuYJ951ZO/V5Yl4VvVC8fyCAi/5kX_0A_0DRO73Qh5_2/FfpLfmDTs/X8SAp4A35ek3zkREHdGE/XSKxbdsSXD3jRDpY4Zp/dt7_2BhQI/dA5_2F1a
http://www.wikipedia.com/
http://www.twitter.com/
http://www.reddit.com/
http://www.live.com/
http://www.amazon.com/
http://www.youtube.com/
http://www.nytimes.com/

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Temp\paymaster.cpp	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Temp\prestige.zip	Zip archive data, at least v2.0 to extract	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\bullet[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
Click to see the 64 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\http_404[2]	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\http_404[1]	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\errorPageStrings[2]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\errorPageStrings[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Temp\Gandhian.rpm	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\background_gradient[1]	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\ErrorPageTemplate[2]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\ErrorPageTemplate[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OHV7M0FR\info_48[1]	PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OHV7M0FR\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OHV7M0FR\errorPageStrings[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OHV7M0FR\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OHV7M0FR\bullet[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\X2GCHJOK\info_48[1]	PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OHV7M0FR\background_gradient[1]	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3	#
C:\Users\user\AppData\Local\Temp\Hungarian.rmvb	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Temp\Low\JavaDeployReg.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\Parisian.log	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Temp\adobe.url	MS Windows 95 Internet shortcut text (URL=<https://adobe.com/>), ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\bullyboy.m2v	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Temp\teacart.ogv	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Temp\~DF175856F6C604DC11.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF22475057A23881DD.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF26CEE848391960A1.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF2832391E2024B38B.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF379CA16D6281822A.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF37CA46686A8472F2.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DFAE8E0924D98C065E.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DFBBA1BE4F47B99245.TMP	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{F3810A4D-F94F-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D871C977-F94F-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{0FDCD598-F950-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{01E6F71C-F950-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{F3810A4B-F94F-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D871C975-F94F-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{0FDCD596-F950-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{01E6F71A-F950-11EA-90E2-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\86B850Z5\ErrorPageTemplate[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\86B850Z5\background_gradient[1]	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\86B850Z5\bullet[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\86B850Z5\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\86B850Z5\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\86B850Z5\http_404[1]	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\86B850Z5\info_48[1]	PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KD8PQN1H\background_gradient[1]	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KD8PQN1H\bullet[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KD8PQN1H\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KD8PQN1H\errorPageStrings[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KD8PQN1H\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KD8PQN1H\http_404[1]	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KD8PQN1H\info_48[1]	PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OHV7M0FR\ErrorPageTemplate[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	#

7tE6fC9z6PN7.vbs

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

7tE6fC9z6PN7.vbs Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

7tE6fC9z6PN7.vbs