flash

https://cloudfil.es/ly7mR8utBQ5

Status: finished
Submission Time: 2022-09-23 08:12:54 +02:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    708252
  • API (Web) ID:
    1075711
  • Analysis Started:
    2022-09-23 08:13:19 +02:00
  • Analysis Finished:
    2022-09-23 08:23:21 +02:00
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious
Score: 48/100

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection

Dropped files

Name File Type Hashes Detection
  • C:\Users\user\AppData\Local\Temp\evppz250.yan\SARS OUTSTANDING LETTER OF DEMAND.html
    HTML document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Temp\fsnnqwuj.h1e\SARS OUTSTANDING LETTER OF DEMAND.html
    HTML document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Temp\oluilyf2.xu4\SARS OUTSTANDING LETTER OF DEMAND.html
    HTML document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Temp\unarchiver.log
    ASCII text, with CRLF line terminators
  • C:\Users\user\Downloads\22e8244c-6e16-464c-801c-35bec625d846.tmp
    Zip archive data, at least v2.0 to extract
  • C:\Users\user\Downloads\97f61521-b3dd-4003-bb1c-5ea026c9e45a.tmp
    Zip archive data, at least v2.0 to extract
  • C:\Users\user\Downloads\SARS OUTSTANDING LETTER OF DEMAND (1).zip (copy)
    Zip archive data, at least v2.0 to extract
  • C:\Users\user\Downloads\SARS OUTSTANDING LETTER OF DEMAND (1).zip.crdownload
    Zip archive data, at least v2.0 to extract
  • C:\Users\user\Downloads\SARS OUTSTANDING LETTER OF DEMAND (2).zip (copy)
    Zip archive data, at least v2.0 to extract
  • C:\Users\user\Downloads\SARS OUTSTANDING LETTER OF DEMAND (2).zip.crdownload
    Zip archive data, at least v2.0 to extract
  • C:\Users\user\Downloads\SARS OUTSTANDING LETTER OF DEMAND.zip (copy)
    Zip archive data, at least v2.0 to extract
  • C:\Users\user\Downloads\SARS OUTSTANDING LETTER OF DEMAND.zip.crdownload
    Zip archive data, at least v2.0 to extract