flash

https://drive.google.com//uc?id=1ExbiBQm3R9DeKMtJJ7y4hk9h5s5yiyeZ&export=download

Status: finished
Submission Time: 04.05.2021 21:17:30
Malicious

Comments

Tags

Details

  • Analysis ID:
    404275
  • API (Web) ID:
    710707
  • Analysis Started:
    04.05.2021 21:22:50
  • Analysis Finished:
    04.05.2021 21:30:09
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
48/100

IPs

IP Country Detection
216.58.212.129
United States
239.255.255.250
Reserved

Domains

Name IP Detection
googlehosted.l.googleusercontent.com
216.58.212.129
clients2.googleusercontent.com
0.0.0.0

URLs

Name Detection
http://pki.goog/gsr1/gsr1.crt
https://dns.google
http://crl.pki.goog/gsr1/gsr1.crl0;
Click to see the 18 hidden entries
http://crl.pki.goog/gtsr1/gtsr1.crl-
https://lh3.googleusercontent.com/ogw/default-user=s96
https://lh3.googleusercontent.com/ogw/default-user=s24
http://crl.pki.goog/gsr1/gsr1.crl
http://crls.pki.goog/gts1c3/QqFxbi9M48c.crl
http://crl.pki.goog/gtsr1/gtsr1.crl0W
https://clients2.googleusercontent.com
http://pki.goog/gsr1/gsr1.crt02
http://pki.goog/repo/certs/gts1c3.der
http://crl.pki.goog/gtsr1/gtsr1.crly
https://pki.goog/repository/0
http://crls.pki.goog/gts1c3/QqFxbi9M48c.crl0
http://pki.goog/repo/certs/gtsr1.der
http://crl.pki.goog/gtsr1/gtsr1.crl
https://feedback.googleusercontent.com
http://crls.pki.g
http://pki.goog/repo/certs/gts1c3.der0
http://pki.goog/repo/certs/gtsr1.der04

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\19548808-9026-4350-9007-074347203bfc.tmp
data
#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Google\Chrome\User Data\1a941a08-5a40-4357-91bf-5d4fc2b0fb6c.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\21994c25-2a5f-4560-a566-891198456391.tmp
SysEx File -
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\25482a5d-9881-4775-aeb9-175bb983abb0.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\48f7f3bf-900c-4fb1-a751-fb1d2f201828.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\91236d06-e52f-408f-98cd-6fcbf3acf767.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0748d439-1798-4cf8-a982-28c10c22d939.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0d123d0d-fb01-4b8b-b62e-440db238fc80.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\11d6aa61-131f-47d6-87e5-b02c372c24dd.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4aa2863d-4eb1-42bb-8dc0-6a1e3ddabf97.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\53aec719-e121-419c-bf30-b536fb366d4a.tmp
very short file (no magic)
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\891c2c1c-ee3e-40ce-8f20-dc7bb71ce0bf.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\1cea85ae-7fa5-4fe6-937e-4b41c395b45e.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\88b21d77-c83a-436a-91cc-853cdfec67e8.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\aa6cacf3-217b-481f-9e23-6616e859d441.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cba89b3d-518b-4167-a1a3-a0ac9efd4932.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f96c85a6-a601-49b5-a8bc-08e22ee85cf0.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fabebae9-01e7-48a5-adf9-ff1c9673ea15.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\ddf0b04d-1b16-46ba-9ec9-d735d1ab0bad.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\f8881a1c-3d4f-41fa-9101-4ebc63b43873.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\f91a24d7-6a3e-40aa-8fb2-4df1736d319d.tmp
data
#
C:\Users\user\AppData\Local\Temp\0b202f1f-3bb0-46d8-ae4a-c5c64dc25809.tmp
Google Chrome extension, version 3
#
C:\Users\user\AppData\Local\Temp\107e86bb-2c6a-415f-b8dc-1fcaed3e1d88.tmp
very short file (no magic)
#
C:\Users\user\AppData\Local\Temp\45040fc5-b1d0-4b6a-be95-a5f4e016b916.tmp
Google Chrome extension, version 3
#
C:\Users\user\AppData\Local\Temp\6389ea05-8027-40a2-a1cf-d1647ead34c6.tmp
very short file (no magic)
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\0b202f1f-3bb0-46d8-ae4a-c5c64dc25809.tmp
Google Chrome extension, version 3
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir6800_1086792300\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#