COVID-19FluA+B Antigen Combo Rapid Test.exe

Status: finished
Submission Time: 2020-10-28 08:51:48 +01:00
Malicious
Trojan
Evader
FormBook

Tags

  • COVID19
  • exe
  • Formbook

Details

  • Analysis ID: 306415
  • API (Web) ID: 514611
  • Analysis Started: 2020-10-28 08:51:49 +01:00
  • Analysis Finished: 2020-10-28 09:03:54 +01:00
  • MD5: 2ec3db230ae7653f6af65e792717940c
  • SHA1: 9fed8d4822b64ef2e3900abfb6876affeb7a0062
  • SHA256: 000d893715e565a925e4dd98feb6b28461a6b1c51dc3a5ac0ea48b407ac85653
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 17/71
malicious
Score: 8/48

IPs

IP Country Detection
154.92.42.20 Seychelles
52.33.207.7 United States
184.168.131.241 United States

Domains

Name IP Detection
veronicaspeaks.net 184.168.131.241
uixie.porkbun.com 52.33.207.7
www.kuanchengxxg.com 154.92.42.20
www.veronicaspeaks.net 0.0.0.0
www.sentus.net 0.0.0.0

URLs

Name Detection
http://www.sentus.net/esp5/?oXo=6lXd02j0&wPT=dWF+qqKU5IXlq2nNySySnjti9EsH/vZ2e/n0q4ORWK4BW8s796zQe1+5M+3ang6vhCkl
http://www.veronicaspeaks.net/esp5/?oXo=6lXd02j0&wPT=mtmLVtUB7R7NRluSq2ryYdVhH76V5AI+IHMX8WhlF2tthzHmvjv9T5+w17KcQhAgZKJk
http://www.kuanchengxxg.com/esp5/?wPT=Q869Z6rx2oD3hQ3Pu35UgJ6SdzpA/tInh9PrgF4S+FbAYYqKveqR+0DAbnrrKtHnhAUU&oXo=6lXd02j0

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\COVID-19FluA+B Antigen Combo Rapid Test.exe.log
ASCII text, with CRLF line terminators