Register Login

sloganpng

top title background image

Comuinicado-Covid19-Min-Saude-CGC-29-01-21-136.vbs

Status: finished

Submission Time: 2021-02-03 16:13:42 +01:00

Malicious

Evader

Comments

Tags

Details

Analysis ID:
348031
API (Web) ID:
597989
Analysis Started:

2021-02-03 16:13:42 +01:00
Analysis Finished:

2021-02-03 16:31:42 +01:00
MD5:
a7eaefeac82a762678b254c38f72a5a0
SHA1:
972982331616263fcb28fab209b150c6365068d7
SHA256:
7f3cd558f1963d4edf18c46b39a45ffc3d83257bd82ecf80e87e10c4cb1efba1
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 88	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 15/59

IPs

IP	Country	Detection
172.217.23.16	United States
8.8.8.8	United States

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Roaming\0.zip	Zip archive data, at least v2.0 to extract	#
C:\Users\user\AppData\Roaming\76941835522651\uwnxheepqiputvsut3285467922686.dll	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xsjfpdeuwh .lnk	MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Has command line arguments, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide	#
Click to see the 3 hidden entries
C:\Users\user\AppData\Roaming\uwqybklmrhw.vbs	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\P-4-17[1].dll	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\0[1].zip	Zip archive data, at least v2.0 to extract	#