flash

Comuinicado-Covid19-Min-Saude-CGC-29-01-21-136.vbs

Status: finished
Submission Time: 03.02.2021 16:13:42
Malicious
Evader

Comments

Tags

Details

  • Analysis ID:
    348031
  • API (Web) ID:
    597989
  • Analysis Started:
    03.02.2021 16:13:42
  • Analysis Finished:
    03.02.2021 16:31:42
  • MD5:
    a7eaefeac82a762678b254c38f72a5a0
  • SHA1:
    972982331616263fcb28fab209b150c6365068d7
  • SHA256:
    7f3cd558f1963d4edf18c46b39a45ffc3d83257bd82ecf80e87e10c4cb1efba1
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports
New

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
88/100

malicious
15/59

IPs

IP Country Detection
172.217.23.16
United States
8.8.8.8
United States

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\0.zip
Zip archive data, at least v2.0 to extract
#
C:\Users\user\AppData\Roaming\76941835522651\uwnxheepqiputvsut3285467922686.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xsjfpdeuwh .lnk
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Has command line arguments, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
#
Click to see the 3 hidden entries
C:\Users\user\AppData\Roaming\uwqybklmrhw.vbs
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\P-4-17[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\0[1].zip
Zip archive data, at least v2.0 to extract
#