General Information

  • Date: 03.12.2019
  • Duration: 0h 3m 42s
  • Sample URL: http://gmial.com
  • Cookbook: browseurl.jbs
  • Icon: No Icon
  • Filetype: unknown

Detection

MALICIOUS
    • Found 1 malicious signature
    • Contacts 5 domains/IPs
    • Launches 2 processes
    • Drops 20 files

Signature Overview


    Contacted Public IPs

    IP Country ASN ASN Name Malicious
    34.196.13.28 United States 14618 unknown false
    104.24.104.5 United States 13335 unknown true

    Contacted Domains

    Name IP Active
    gmial.com 104.24.104.5 true
    granatevie.xyz 34.196.13.28 true
    bittertester.com 34.196.13.28 true

    Contacted URLs

    Name Malicious Antivirus Detection Reputation
    http://granatevie.xyz/?k=a6cfd3ba17ce368bf13b8a684a95a74c.1575357372.398.2.0.Z21pYWwuY29t.&r=&z=480 false Avira URL Cloud: safe unknown
    Behavior Graph

    ID: 193302, URL: http://gmial.com, Startdate: 03/12/2019, Architecture: WINDOWS, Score: 48
    Signature: Multi AV Scanner detection for domain / URL
    Processes: iexplore.exe started iexplore.exe
    DNS/IP: gmial.com (104.24.104.5, 49735, 49736, 80, unknown, United States); bittertester.com (34.196.13.28, 49737, 49738, 49739, unknown, United States); granatevie.xyz