Click to jump to signature section
Source: https://topteamoscarlubricants.online/nba#ZGluYUBqdmRtLmNvLnph | Avira URL Cloud: detection malicious, Label: phishing |
Source: topteamoscarlubricants.online | Virustotal: Detection: 5% | Perma Link |
Source: https://topteamoscarlubricants.online/nba#ZGluYUBqdmRtLmNvLnph | Virustotal: Detection: 5% | Perma Link |
Source: Yara match | File source: 0.0.pages.csv, type: HTML |
Source: Yara match | File source: 0.1.pages.csv, type: HTML |
Source: Yara match | File source: 0.0.pages.csv, type: HTML |
Source: Yara match | File source: dropped/chromecache_72, type: DROPPED |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: Number of links: 0 |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: Title: Email Server Update does not match URL |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: <input type="password" .../> found |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: No favicon |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: No favicon |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: No <meta name="author".. found |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: No <meta name="author".. found |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: No <meta name="copyright".. found |
Source: https://pub-62009b09df5e4a61a73b8cb258f20f88.r2.dev/aqyywuwyhdhhhruemdkeelz.html?VGHBJGKFHVFJDKDFUVYFIUJNBTMRJKJ3ERUYFR89UBRNMEWJDUVY89EUIHJJRKDIUYCDGHBJIEUFYGHEBNJEWDUCYHBHUCDYWGHBNJFVIUYEGHBEJFIUYVG&#dina@jvdm.co.za | HTTP Parser: No <meta name="copyright".. found |
Source: unknown | HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49729 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49730 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49731 version: TLS 1.2 |
Source: Traffic | Snort IDS: 2032514 ET CURRENT_EVENTS Generic Multibrand NewInjection Phishing Landing Template 104.18.3.35:443 -> 192.168.2.16:49707 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.221.242.90 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | DNS traffic detected: queries for: topteamoscarlubricants.online |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49722 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49721 |
Source: unknown | Network traffic detected: HTTP traffic on port 49706 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49731 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49678 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49727 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49704 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49729 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49722 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49701 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49688 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49709 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49732 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49731 |
Source: unknown | Network traffic detected: HTTP traffic on port 49707 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49673 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49730 |
Source: unknown | Network traffic detected: HTTP traffic on port 49732 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49705 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49730 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49728 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49721 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49723 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49709 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49707 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49729 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49706 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49728 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49705 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49727 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49704 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49701 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49723 |
Source: unknown | HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49729 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49730 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49731 version: TLS 1.2 |
Source: classification engine | Classification label: mal80.phis.win@14/18@22/89 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps |
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://topteamoscarlubricants.online/nba#ZGluYUBqdmRtLmNvLnph |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1932,i,10420052389361484476,14335600393112672327,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1932,i,10420052389361484476,14335600393112672327,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: Window Recorder | Window detected: More than 3 window changes detected |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk |