Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://somervoice.somervillema.gov/novel-coronavirus-resources-for-businesses/widgets/16897/videos/2327

Status: finished
Submission Time: 2021-02-05 15:06:23 +01:00
Malicious

Comments

Tags

Details

  • Analysis ID:
    349157
  • API (Web) ID:
    600269
  • Analysis Started:
    2021-02-05 15:06:24 +01:00
  • Analysis Finished:
    2021-02-05 15:11:51 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 48
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
172.217.23.66
 United States
54.177.210.138
 United States
104.16.18.94
 United States

Domains

Name IP Detection
pagead46.l.doubleclick.net
 172.217.23.66
or-nlb-v00-b47a3d3821d0abbe.elb.us-west-1.amazonaws.com
 54.177.210.138
cdnjs.cloudflare.com
 104.16.18.94
Click to see the 8 hidden entries
i.ytimg.com
 172.217.22.246
photos-ugc.l.googleusercontent.com
 172.217.23.33
d2gu4vothxmtom.cloudfront.net
 143.204.15.131
yt3.ggpht.com
 0.0.0.0
googleads.g.doubleclick.net
 0.0.0.0
somervoice.somervillema.gov
 0.0.0.0
www.youtube.com
 0.0.0.0
static.doubleclick.net
 0.0.0.0

URLs

Name Detection
https://i.ytimg.com/vi/KTb4H2DQcdc/hqdefault.jpg
http://r3.i.lencr.org/0&
https://i.ytimg.com/vi/kaxh4pCyFss/hqdefault.jpg
Click to see the 48 hidden entries
https://www.youtube.com/generate_204?cpn=
https://youtube.com/api/drm/fps?ek=uninitialized
http://cps.letsencrypt.org0
https://www.googletraveladservices.com/travel/clk/pagead/conversion/
http://www.bangthetable.com/
https://www.youtube.com/embed/wtuxe7VPD3U?feature=oembed
http://cps.letsencrypt.org=
http://youtube.com/yt/2012/10/10
https://cct.google/taggy/agent.js
http://fontawesome.io/license
http://cps.root-x1.letsencrypt.org0
https://i.ytimg.com/vi/wtuxe7VPD3U/hqdefault.jpg
https://s3-ap-southeast-2.amazonaws.com/ehq-static-assets/gt-simplified-us.js
https://www.youtube.com/watch?v=wtuxe7VPD3U
https://www.google.%/ads/ga-audiences
https://s3-us-west-1.amazonaws.co
http://www.youtube.com/videoplayback
http://www.somervillebydesign.com
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.1/css/font-awesome.min.css
http://youtube.com/drm/2012/10/10
https://i.ytimg.com/vi/Fn7Ou04BHvQ/hqdefault.jpg
http://cps.root-x1.letsencrypt.org
https://youtu.be/VFxvnJ7wwwU
https://youtu.be/
https://www.youtube.com/watch?v=5GRcO6cLNs8
http://fontawesome.io
https://i.ytimg.com/vi/cuSif0I20vE/hqdefault.jpg
https://youtu.be/wtuxe7VPD3U
https://i.ytimg.com/vi/VFxvnJ7wwwU/hqdefault.jpg
https://s3-us-west-1.amazonaws.com/ehq-production-us-california/8cfcc1570c81e97a242433b94052e3e65b3c
https://ehq-production-us-california.imgix.net/b811435cc596009e6a357d66f662c1fff094b1f4/image_stores
http://youtube.com/streaming/otf/durations/112015
https://somervoice.somervillema.gov/novel-coronavirus-resources-for-businesses/widgets/16897/videos/
https://www.somervillema.gov/events
http://cps.letsencrypt.org
http://youtube.com/streaming/metadata/segment/102015
https://youtu.be/Fn7Ou04BHvQ
http://r3.i.lencr.org/
http://somervillema.gov
https://admin.youtube.com
http://www.somervision2040.com
https://i.ytimg.com/vi/5GRcO6cLNs8/hqdefault.jpg
http://r3.o.lencr.org0
https://github.com/krux/postscribe/blob/master/LICENSE.
https://www.youtube.com/watch?v=KTb4H2DQcdc
https://stats.g.doubleclick.net/j/collect
https://www.youtube.com/watch?v=cuSif0I20vE
https://youtu.be/kaxh4pCyFss

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\base[1].js
 ASCII text, with very long lines
 #
C:\Users\user\Desktop\download\2327
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\Desktop\download\.wget-hsts
 ASCII text, with CRLF line terminators
 #
Click to see the 18 hidden entries
C:\Users\user\Desktop\cmdline.out
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\~DFA17A083F6A4A7026.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF945E8E7F0625E9E8.TMP
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\wtuxe7VPD3U[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\analytics[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
 Web Open Font Format, TrueType, length 20012, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\KFOjCnqEu92Fr1Mu51S7ACc6CsI[1].woff
 Web Open Font Format, TrueType, length 21564, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\fetch-polyfill[1].js
 Pascal source, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\www.youtube[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\js[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\font-awesome.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\ad_status[1].js
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\www-player[1].css
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\www-embed-player[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\KFOmCnqEu92Fr1Mu4mxM[1].woff
 Web Open Font Format, TrueType, length 19824, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\KFOkCnqEu92Fr1Mu51xIIzQ[1].woff
 Web Open Font Format, TrueType, length 21528, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E57A1C95-6806-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E57A1C93-6806-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #