Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
SecureMessageAtt.html
|
HTML document, ASCII text, with CRLF line terminators
|
initial sample
|
||
Chrome Cache Entry: 82
|
GIF image data, version 89a, 90 x 68
|
dropped
|
||
Chrome Cache Entry: 83
|
GIF image data, version 89a, 187 x 42
|
dropped
|
||
Chrome Cache Entry: 84
|
GIF image data, version 89a, 90 x 68
|
downloaded
|
||
Chrome Cache Entry: 85
|
HTML document, ASCII text, with very long lines (455), with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 86
|
GIF image data, version 89a, 187 x 42
|
downloaded
|
||
Chrome Cache Entry: 87
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
dropped
|
||
Chrome Cache Entry: 88
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
downloaded
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\SecureMessageAtt.html"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1996,i,3822043218176268392,2533187350089635544,262144
/prefetch:8
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
file:///C:/Users/user/Desktop/SecureMessageAtt.html
|
|||
https://securemail.americanfidelity.com/help/enus_encryption.htm
|
|||
https://securemail.americanfidelity.com/formpostdir/safeformpost.aspx
|
unknown
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Reading_a_Secure_Message_on_a_Smart_Phone
|
|||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Troubleshooting
|
|||
https://securemail.americanfidelity.com/securereader/help.jsf?lang=enus
|
|||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Adding_Recipients
|
|||
https://securemail.americanfidelity.com/favicon.ico
|
67.231.149.122
|
||
https://securemail.americanfidelity.com/securereader/Image?c=logo&b=1&i=0&rnd=9.80372576023722
|
67.231.149.122
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Replying_or_Forwarding
|
|||
https://securemail.americanfidelity.com/securereader/Image?c=lock&b=1&rnd=2.99930044764984
|
67.231.149.122
|
There are 1 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
www.google.com
|
172.253.124.147
|
||
pe-0018f201.gslb.pphosted.com
|
67.231.149.122
|
||
securemail.americanfidelity.com
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
67.231.149.122
|
pe-0018f201.gslb.pphosted.com
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
192.168.2.4
|
unknown
|
unknown
|
||
192.168.2.6
|
unknown
|
unknown
|
||
172.253.124.147
|
www.google.com
|
United States
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
file:///C:/Users/user/Desktop/SecureMessageAtt.html
|
||
https://securemail.americanfidelity.com/securereader/help.jsf?lang=enus
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Replying_or_Forwarding
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Adding_Recipients
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Reading_a_Secure_Message_on_a_Smart_Phone
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Resetting_Your_Expired_Password
|
||
https://securemail.americanfidelity.com/help/enus_encryption.htm#Troubleshooting
|