Comuinicado-Covid19-Min-Saude-VRC-03-02-21-210.vbs

Status: finished
Submission Time: 10.02.2021 11:44:02
Malicious
Evader

Tags

  • lampion
  • trojan
  • portugal

Details

  • Analysis ID:
    351167
  • API (Web) ID:
    604278
  • Analysis Started:
    10.02.2021 11:45:40
  • Analysis Finished:
    10.02.2021 12:05:36
  • MD5:
    bef99a24632c89aa1676f0c5e5bfb11b
  • SHA1:
    335c3b6151df7e3e31b603bd55d24c0de56a8d5a
  • SHA256:
    64f6d8c5d529aa3ab6626a3b9be57c4b9e0c2130ec3358c12d53e3453a83a76c
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
100/100

malicious
18/59

malicious
10/47

malicious

IPs

IP | Country | Detection
172.217.168.48 | United States
8.8.8.8 | United States

Dropped files

Name | File Type | Hashes | Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\P-2-19[1].dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Roaming\0.zip | Zip archive data, at least v2.0 to extract
C:\Users\user\AppData\Roaming\38695955395697\krdxnsceqxwvyknup17065344631671.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
C:\Users\user\AppData\Roaming\jbnusslocvu.vbs | ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\0[1].zip | Zip archive data, at least v2.0 to extract