flash

https://somervoice.somervillema.gov/novel-coronavirus-resources-for-businesses/widgets/16897/videos/2327

Status: finished
Submission Time: 05.02.2021 15:06:23
Malicious

Comments

Tags

Details

  • Analysis ID:
    349157
  • API (Web) ID:
    600269
  • Analysis Started:
    05.02.2021 15:06:24
  • Analysis Finished:
    05.02.2021 15:11:51
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports
New

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
48/100

IPs

IP Country Detection
172.217.23.66
United States
54.177.210.138
United States
104.16.18.94
United States

Domains

Name IP Detection
pagead46.l.doubleclick.net
172.217.23.66
or-nlb-v00-b47a3d3821d0abbe.elb.us-west-1.amazonaws.com
54.177.210.138
cdnjs.cloudflare.com
104.16.18.94
Click to see the 8 hidden entries
i.ytimg.com
172.217.22.246
photos-ugc.l.googleusercontent.com
172.217.23.33
d2gu4vothxmtom.cloudfront.net
143.204.15.131
yt3.ggpht.com
0.0.0.0
googleads.g.doubleclick.net
0.0.0.0
somervoice.somervillema.gov
0.0.0.0
www.youtube.com
0.0.0.0
static.doubleclick.net
0.0.0.0

URLs

Name Detection
https://youtu.be/Fn7Ou04BHvQ
https://www.youtube.com/watch?v=5GRcO6cLNs8
http://fontawesome.io
Click to see the 48 hidden entries
https://i.ytimg.com/vi/cuSif0I20vE/hqdefault.jpg
https://youtu.be/wtuxe7VPD3U
https://i.ytimg.com/vi/VFxvnJ7wwwU/hqdefault.jpg
https://s3-us-west-1.amazonaws.com/ehq-production-us-california/8cfcc1570c81e97a242433b94052e3e65b3c
https://ehq-production-us-california.imgix.net/b811435cc596009e6a357d66f662c1fff094b1f4/image_stores
http://youtube.com/streaming/otf/durations/112015
https://somervoice.somervillema.gov/novel-coronavirus-resources-for-businesses/widgets/16897/videos/
https://www.somervillema.gov/events
http://cps.letsencrypt.org
http://youtube.com/streaming/metadata/segment/102015
https://youtu.be/
http://r3.i.lencr.org/
http://somervillema.gov
https://admin.youtube.com
http://www.somervision2040.com
https://i.ytimg.com/vi/5GRcO6cLNs8/hqdefault.jpg
http://r3.o.lencr.org0
https://github.com/krux/postscribe/blob/master/LICENSE.
https://www.youtube.com/watch?v=KTb4H2DQcdc
https://stats.g.doubleclick.net/j/collect
https://www.youtube.com/watch?v=cuSif0I20vE
https://youtu.be/kaxh4pCyFss
http://cps.root-x1.letsencrypt.org0
http://r3.i.lencr.org/0&
https://i.ytimg.com/vi/kaxh4pCyFss/hqdefault.jpg
https://www.youtube.com/generate_204?cpn=
https://youtube.com/api/drm/fps?ek=uninitialized
http://cps.letsencrypt.org0
https://www.googletraveladservices.com/travel/clk/pagead/conversion/
http://www.bangthetable.com/
https://www.youtube.com/embed/wtuxe7VPD3U?feature=oembed
http://cps.letsencrypt.org=
http://youtube.com/yt/2012/10/10
https://cct.google/taggy/agent.js
http://fontawesome.io/license
https://i.ytimg.com/vi/KTb4H2DQcdc/hqdefault.jpg
https://i.ytimg.com/vi/wtuxe7VPD3U/hqdefault.jpg
https://s3-ap-southeast-2.amazonaws.com/ehq-static-assets/gt-simplified-us.js
https://www.youtube.com/watch?v=wtuxe7VPD3U
https://www.google.%/ads/ga-audiences
https://s3-us-west-1.amazonaws.co
http://www.youtube.com/videoplayback
http://www.somervillebydesign.com
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.1/css/font-awesome.min.css
http://youtube.com/drm/2012/10/10
https://i.ytimg.com/vi/Fn7Ou04BHvQ/hqdefault.jpg
http://cps.root-x1.letsencrypt.org
https://youtu.be/VFxvnJ7wwwU

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\www.youtube[1].xml
ASCII text, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E57A1C93-6806-11EB-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E57A1C95-6806-11EB-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
#
Click to see the 18 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\KFOkCnqEu92Fr1Mu51xIIzQ[1].woff
Web Open Font Format, TrueType, length 21528, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\KFOmCnqEu92Fr1Mu4mxM[1].woff
Web Open Font Format, TrueType, length 19824, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\www-embed-player[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\www-player[1].css
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\ad_status[1].js
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\font-awesome.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\js[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\base[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\fetch-polyfill[1].js
Pascal source, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\KFOjCnqEu92Fr1Mu51S7ACc6CsI[1].woff
Web Open Font Format, TrueType, length 21564, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
Web Open Font Format, TrueType, length 20012, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\analytics[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\wtuxe7VPD3U[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Temp\~DF945E8E7F0625E9E8.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFA17A083F6A4A7026.TMP
data
#
C:\Users\user\Desktop\cmdline.out
ASCII text, with CRLF line terminators
#
C:\Users\user\Desktop\download\.wget-hsts
ASCII text, with CRLF line terminators
#
C:\Users\user\Desktop\download\2327
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
#