flash

November Draw Disbursed.html

Status: finished
Submission Time: 2022-11-29 19:58:14 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    756202
  • API (Web) ID:
    1123478
  • Analysis Started:
    2022-11-29 19:58:14 +01:00
  • Analysis Finished:
    2022-11-29 20:04:32 +01:00
  • MD5:
    c0d6d8acc86ed388214581788ec837d8
  • SHA1:
    c846ee109e9ee8e373ff09412a59e3aeec06fd44
  • SHA256:
    2209177e77a2dabd0c034500ee64ccca71d8985c7c564ce31898ca2326bb6d78
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
56/100

IPs

IP Country Detection
152.199.23.72
United States
68.65.123.205
United States
162.19.88.68
United States
Click to see the 8 hidden entries
38.34.185.163
United States
142.250.203.110
United States
18.172.153.55
United States
172.217.168.68
United States
172.217.168.45
United States
239.255.255.250
Reserved
188.114.96.3
European Union
172.67.188.128
United States

Domains

Name IP Detection
descansonline.com
188.114.96.3
d26p066pn2w0s0.cloudfront.net
18.172.153.55
accounts.google.com
172.217.168.45
Click to see the 11 hidden entries
i.postimg.cc
162.19.88.68
www.google.com
172.217.168.68
code.jquery.quest
38.34.185.163
clients.l.google.com
142.250.203.110
maxcdn.bootstrapcdn.rest
172.67.188.128
code.jquery.com.de
38.34.185.163
cs1025.wpc.upsiloncdn.net
152.199.23.72
maxcdn.bootstrapcdn.cloud
68.65.123.205
aadcdn.msauthimages.net
0.0.0.0
clients2.google.com
0.0.0.0
logo.clearbit.com
0.0.0.0

URLs

Name Detection
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js
https://aadcdn.msauthimages.net/dbd5a2dd-us0mikl89yxon-sgdcnggg1-x8-vglc85xxjmtn1cza/logintenantbranding/0/bannerlogo?ts=637227555210461681
Click to see the 14 hidden entries
https://descansonline.com/wp/b1.php
https://maxcdn.bootstrapcdn.rest/jquery-3.5.2.min.js
https://logo.clearbit.com/dmv.ca.gov
https://maxcdn.bootstrapcdn.cloud/tkv/index.php?dt=QCPsVcn7rgD1hKIR25CTCLE0O
https://maxcdn.bootstrapcdn.cloud/ndata/index.php?dt=wendy.lang@dmv.ca.gov
https://maxcdn.bootstrapcdn.cloud/post/index.php?title=Sign%20in%20to%20your%20account&link=file:///C:/Users/user/Desktop/November%20Draw%20Disbursed.html&time=2022-11-29%2019:59:17&ip=102.129.143.49%20:%20Switzerland
file:///C:/Users/user/Desktop/November%20Draw%20Disbursed.html
https://code.jquery.quest/jquery-3.5.2.min.js
https://code.jquery.com.de/jquery-3.5.2.min.js
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://code.jquery.com.de/ip.php
https://descansonline.com/wp/b1.js
https://i.postimg.cc/jSY8DXQL/back.jpg
https://maxcdn.bootstrapcdn.cloud/catch/index.php?dt=1312,5084,1312,2009,1968,2050,1886,2009,2050,2337,1886,2009,2132,2091,1886,2132,2337,1312,2378,1312,3403,4879,4305,4756,5002,4141,4674,4428,3977,4510,4100,1312,2501,2501,2542,1312,1640,1312,3403,4305,4223,4510,1312,4305,4510,1312,4756,4551,1312,4961,4551,4797,4674,1312,3977,4059,4059,4551,4797,4510,4756,1312,1681,1312,2378,1804,4879,4141,4510,4100,4961,1886,4428,3977,4510,4223,2624,4100,4469,4838,1886,4059,3977,1886,4223,4551,4838,1804,3403,4305,4223,4510,1312,4305,4510,1804,4756,4674,4797,4141,1804,3403,4305,4223,4510,1312,2993,4510,410