Comuinicado-Covid19-Min-Saude-VRC-03-02-21-210.vbs

Status: finished
Submission Time: 2021-02-10 11:44:02 +01:00
Malicious
Evader

Tags

  • lampion
  • trojan
  • portugal

Details

  • Analysis ID: 351167
  • API (Web) ID: 604278
  • Analysis Started: 2021-02-10 11:45:40 +01:00
  • Analysis Finished: 2021-02-10 12:05:36 +01:00
  • MD5: bef99a24632c89aa1676f0c5e5bfb11b
  • SHA1: 335c3b6151df7e3e31b603bd55d24c0de56a8d5a
  • SHA256: 64f6d8c5d529aa3ab6626a3b9be57c4b9e0c2130ec3358c12d53e3453a83a76c
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 18/59
malicious
Score: 10/47
malicious

IPs

IP Country Detection
172.217.168.48 United States
8.8.8.8 United States

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\P-2-19[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Roaming\0.zip
Zip archive data, at least v2.0 to extract
C:\Users\user\AppData\Roaming\38695955395697\krdxnsceqxwvyknup17065344631671.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Roaming\jbnusslocvu.vbs
ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\0[1].zip
Zip archive data, at least v2.0 to extract