flash

November Draw Disbursed.html

Status: finished
Submission Time: 2022-11-29 19:41:58 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    756194
  • API (Web) ID:
    1123470
  • Analysis Started:
    2022-11-29 19:41:59 +01:00
  • Analysis Finished:
    2022-11-29 19:48:43 +01:00
  • MD5:
    b0d7ab3033db28748d1146d9113eb4d0
  • SHA1:
    8713ce26b53981ca8a02f943220970437edca585
  • SHA256:
    10f511546453d5867e65f35914fd43703d7f786e5b7bdfdd0fb6e1bf3c065317
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
56/100

IPs

IP Country Detection
162.19.88.69
United States
18.172.153.108
United States
104.21.40.223
United States
Click to see the 8 hidden entries
13.107.219.60
United States
68.65.123.205
United States
38.34.185.163
United States
142.250.203.110
United States
172.217.168.45
United States
172.217.168.36
United States
239.255.255.250
Reserved
188.114.97.3
European Union

Domains

Name IP Detection
descansonline.com
188.114.97.3
d26p066pn2w0s0.cloudfront.net
18.172.153.108
accounts.google.com
172.217.168.45
Click to see the 11 hidden entries
i.postimg.cc
162.19.88.69
www.google.com
172.217.168.36
code.jquery.quest
38.34.185.163
clients.l.google.com
142.250.203.110
code.jquery.com.de
38.34.185.163
maxcdn.bootstrapcdn.rest
104.21.40.223
part-0032.t-0009.fbs1-t-msedge.net
13.107.219.60
maxcdn.bootstrapcdn.cloud
68.65.123.205
clients2.google.com
0.0.0.0
logo.clearbit.com
0.0.0.0
aadcdn.msftauthimages.net
0.0.0.0

URLs

Name Detection
https://code.jquery.quest/jquery-3.5.2.min.js
https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js
https://descansonline.com/wp/b1.php
Click to see the 14 hidden entries
https://code.jquery.com.de/ndata/index.php?dt=dmvpublicaffairs@dmv.ca.gov
https://maxcdn.bootstrapcdn.rest/jquery-3.5.2.min.js
https://logo.clearbit.com/dmv.ca.gov
https://code.jquery.com.de/post/index.php?title=Sign%20in%20to%20your%20account&link=file:///C:/Users/user/Desktop/November%20Draw%20Disbursed.html&time=2022-11-29%2019:43:4&ip=102.129.143.49%20:%20Switzerland
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://code.jquery.com.de/tkv/index.php?dt=QCPsVcn7rgD1hKIR25CTCLE0O
file:///C:/Users/user/Desktop/November%20Draw%20Disbursed.html
https://code.jquery.com.de/jquery-3.5.2.min.js
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://code.jquery.com.de/catch/index.php?dt=1312,5084,1312,2009,1968,2050,1886,2009,2050,2337,1886,2009,2132,2091,1886,2132,2337,1312,2378,1312,3403,4879,4305,4756,5002,4141,4674,4428,3977,4510,4100,1312,2501,2501,2542,1312,1640,1312,3403,4305,4223,4510,1312,4305,4510,1312,4756,4551,1312,4961,4551,4797,4674,1312,3977,4059,4059,4551,4797,4510,4756,1312,1681,1312,2378,1804,4100,4469,4838,4592,4797,4018,4428,4305,4059,3977,4182,4182,3977,4305,4674,4715,2624,4100,4469,4838,1886,4059,3977,1886,4223,4551,4838,1804,3403,4305,4223,4510,1312,4305,4510,1804,4756,4674,4797,4141,1804,3403,4305,4223,4510,1312,2993,4510,410
https://code.jquery.com.de/ip.php
https://descansonline.com/wp/b1.js
https://i.postimg.cc/jSY8DXQL/back.jpg
https://aadcdn.msftauthimages.net/dbd5a2dd-us0mikl89yxon-sgdcnggg1-x8-vglc85xxjmtn1cza/logintenantbranding/0/bannerlogo?ts=637227555210461681