COVID_19_Test_Result_Doctor_Note.js

Status: finished
Submission Time: 09.03.2021 09:12:23
Malicious
Evader
Trojan

Details

  • Analysis ID: 365159
  • API (Web) ID: 632383
  • Analysis Started: 09.03.2021 09:12:25
  • Analysis Finished: 09.03.2021 09:27:54
  • MD5: 0bca3422ec870f28791d61a4fa25367f
  • SHA1: 36352478af11cdd59c55b8ef8ecf2cfacb2dcaaa
  • SHA256: 7703889f1b2c6fd8a1fe0abc4a8b6a409d4e6eabe5943c4a5261dfc68fb973f6

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
52/100

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Run Condition: Without Instrumentation

malicious
80/100

IPs

IP Country Detection
104.21.48.50 United States
172.67.178.142 United States

Domains

Name IP Detection
adsclickboost.com 104.21.48.50

URLs

Name Detection

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\COVID_19_Test_Result_Doctor_Note.js
ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Roaming\COVID_19_Test_Result_Doctor_Note.js:Zone.Identifier
ASCII text, with CRLF line terminators
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\COVID_19_Test_Result_Doctor_Note.js
ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\COVID_19_Test_Result_Doctor_Note.js:Zone.Identifier
ASCII text, with CRLF line terminators