flash

http://click.icptrack.com/icp/relay.php?r=30000099&msgid=6080008&act=F00B&c=1778479&destination=https%3A%2F%2F091020191045.azureedge.net/test

Status: finished
Submission Time: 10.10.2019 02:27:03
Verdict: Malicious
Classification: Phishing

Details

  • Analysis ID:
    181820
  • API (Web) ID:
    262336
  • Analysis Started:
    10.10.2019 02:27:04
  • Analysis Finished:
    10.10.2019 02:32:19
  • System:
    Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113
  • Verdict:
    malicious
  • Score:
    48/100

IPs

IP               Country
104.19.198.151   United States
95.216.15.24     Germany
152.199.23.37    United States
34.194.63.15     United States
40.123.16.21     United States

Domains

Name                                                          IP
web.bn4prdstr05b.store.core.windows.net                       40.123.16.21
cs1100.wpc.omegacdn.net                                       152.199.23.37
freeiconspng.com                                              95.216.15.24
cdnjs.cloudflare.com                                          104.19.198.151
icptrack-2048919965.us-east-1.elb.amazonaws.com               34.194.63.15
click.icptrack.com                                            0.0.0.0
stackpath.bootstrapcdn.com                                    0.0.0.0
secure.aadcdn.microsoftonline-p.com                           0.0.0.0
code.jquery.com                                               0.0.0.0
maxcdn.bootstrapcdn.com                                       0.0.0.0
aadcdn.msftauth.net                                           0.0.0.0
login.microsoftonline.com                                     0.0.0.0
www.freeiconspng.com                                          0.0.0.0
aadcdn.msauth.net                                             0.0.0.0
09102019helpdesk20ticket-secondary.z19.web.core.windows.net   0.0.0.0

An IP of 0.0.0.0 means the report recorded no address resolution for that name during the analysis; the name was still observed (requested, or present in process memory) and remains an indicator.
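The submitted link is an e-mail tracking relay (click.icptrack.com) whose destination parameter carries the real target, an Azure CDN name (azureedge.net). The page it serves loads the genuine Azure AD sign-in assets (aadcdn.msauth.net, aadcdn.msftauth.net, secure.aadcdn.microsoftonline-p.com, login.microsoftonline.com) alongside content from a tenant-created Azure Storage static website name (09102019helpdesk20ticket-secondary.z19.web.core.windows.net), which is the pattern of a cloned Microsoft login page. The Python below is an added triage helper written for this page; it is not part of the sandbox report or the sandbox vendor's tooling. It unwraps the relay URL, sorts the hostnames from the Domains table into Microsoft-owned sign-in assets, tenant-creatable Azure hosting names, public CDNs and everything else, and flags the combination of Microsoft assets plus a non-Microsoft hosting name. The host lists, the redirect-parameter names and the bucket labels are this example's assumptions.

```python
"""Triage helper for a tracking-relay phishing URL (added example, not report code)."""
from urllib.parse import parse_qs, urlparse

# The URL submitted to the sandbox, copied from the report header.
SUBMITTED_URL = (
    "http://click.icptrack.com/icp/relay.php?r=30000099&msgid=6080008"
    "&act=F00B&c=1778479&destination=https%3A%2F%2F091020191045.azureedge.net/test"
)

# Hostnames copied from the report's Domains table.
OBSERVED_DOMAINS = [
    "web.bn4prdstr05b.store.core.windows.net",
    "cs1100.wpc.omegacdn.net",
    "freeiconspng.com",
    "cdnjs.cloudflare.com",
    "icptrack-2048919965.us-east-1.elb.amazonaws.com",
    "click.icptrack.com",
    "stackpath.bootstrapcdn.com",
    "secure.aadcdn.microsoftonline-p.com",
    "code.jquery.com",
    "maxcdn.bootstrapcdn.com",
    "aadcdn.msftauth.net",
    "login.microsoftonline.com",
    "www.freeiconspng.com",
    "aadcdn.msauth.net",
    "09102019helpdesk20ticket-secondary.z19.web.core.windows.net",
]

# Classification rules below are assumptions made for this example.
# Hosts Microsoft itself serves the Azure AD sign-in page and its assets from.
MICROSOFT_SIGNIN_HOSTS = (
    "login.microsoftonline.com",
    "aadcdn.msauth.net",
    "aadcdn.msftauth.net",
    "secure.aadcdn.microsoftonline-p.com",
)
# Name suffixes any Azure subscriber can create (static websites, blobs, CDN endpoints).
TENANT_HOSTING_SUFFIXES = (".web.core.windows.net", ".blob.core.windows.net", ".azureedge.net")
# Public library CDNs commonly pulled in by phishing kits and legitimate sites alike.
PUBLIC_CDN_HOSTS = ("cdnjs.cloudflare.com", "code.jquery.com",
                    "maxcdn.bootstrapcdn.com", "stackpath.bootstrapcdn.com")
# Query-parameter names that tracking/redirect services use to carry the real target.
REDIRECT_PARAMS = ("destination", "url", "redirect", "target", "u")


def unwrap_relay(url, max_depth=5):
    """Return the chain of URLs found by repeatedly extracting a wrapped target
    from a redirect-style query parameter (depth-limited to avoid loops)."""
    chain = [url]
    for _ in range(max_depth):
        params = parse_qs(urlparse(chain[-1]).query)  # parse_qs percent-decodes values
        nxt = next((params[p][0] for p in REDIRECT_PARAMS
                    if p in params and params[p][0].lower().startswith(("http://", "https://"))),
                   None)
        if nxt is None:
            break
        chain.append(nxt)
    return chain


def classify_host(host):
    """Bucket a hostname: who controls it, and does it belong to the brand being imitated?"""
    host = host.lower().rstrip(".")
    if host in MICROSOFT_SIGNIN_HOSTS:
        return "microsoft-signin-asset"
    if host in PUBLIC_CDN_HOSTS:
        return "third-party-cdn"
    if host.endswith(TENANT_HOSTING_SUFFIXES):
        return "tenant-hosted"
    return "other"


def triage(url, domains):
    """Unwrap the relay, classify every observed host plus the final destination host,
    and flag the lookalike pattern: brand assets loaded while the page itself lives on
    a tenant-creatable hosting name."""
    chain = unwrap_relay(url)
    final_url = chain[-1]
    final_host = urlparse(final_url).hostname or ""
    buckets = {}
    for host in set(domains) | {final_host}:
        buckets.setdefault(classify_host(host), []).append(host)
    for hosts in buckets.values():
        hosts.sort()
    ms_assets = buckets.get("microsoft-signin-asset", [])
    tenant_hosted = buckets.get("tenant-hosted", [])
    return {
        "redirect_chain": chain,
        "final_url": final_url,
        "final_host_class": classify_host(final_host),
        "microsoft_assets": ms_assets,
        "tenant_hosted": tenant_hosted,
        "public_cdns": buckets.get("third-party-cdn", []),
        "other": buckets.get("other", []),
        "lookalike_signin": bool(ms_assets) and bool(tenant_hosted),
    }


if __name__ == "__main__":
    result = triage(SUBMITTED_URL, OBSERVED_DOMAINS)
    for key, value in result.items():
        print(f"{key}: {value}")
```

The flag fires because the report shows Microsoft's real sign-in CSS, JavaScript and favicon being fetched while the page itself sits on azureedge.net and a z19.web.core.windows.net static-site name that anyone with an Azure subscription can register; the genuine login flow never serves its page from those names. Blocking the relay URL alone is not enough: the tracking service is legitimate and the `destination` value is the indicator worth extracting and blocking.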

URLs

URL

This list mixes URLs the browser actually requested during the analysis with URL strings the sandbox extracted from process memory. The many search-engine, favicon and shopping-site entries (search.yahoo.co.jp, busca.igbusca.com.br, www.amazon.de and similar) are Internet Explorer's built-in search-provider and suggestion strings, not connections made by the phishing page; the entries that matter are the icptrack relay, the azureedge.net and z19.web.core.windows.net hosts, and the Microsoft sign-in asset URLs on aadcdn.msauth.net, aadcdn.msftauth.net, secure.aadcdn.microsoftonline-p.com and login.microsoftonline.com. Several entries are truncated as extracted.

http://search.chol.com/favicon.ico
http://www.mercadolivre.com.br/
http://www.merlin.com.pl/favicon.ico
https://click.icptrack.com/icp/relay.php?r=30000099&msgid=60
https://certs.goda
http://www.dailymail.co.uk/
http://fr.search.yahoo.com/
http://in.search.yahoo.com/
http://img.shopzilla.com/shopzilla/shopzilla.ico
https://09102019helpdesk20ticket-secondary.z19.web.core.windows.net/favicon.ico
http://getbootstrap.com)
https://aadcdn.msauth.net/ests/2.1/content/images/backgrounds/0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg
http://click.icptrack.com/icp/relay.php?r=30000099&msgid=6080008&act=F00B&c=
http://msk.afisha.ru/
http://www.twitter.c
http://www.reddit.com/
http://busca.igbusca.com.br//app/static/images/favicon.ico
http://www.ya.com/favicon.ico
https://aadcdn.msf
http://www.etmall.com.tw/favicon.ico
http://it.search.dada.net/favicon.ico
http://search.hanafos.com/favicon.ico
https://maxcdn.bootstrapcdn.com/
http://cgi.search.biglobe.ne.jp/favicon.ico
http://search.msn.co.jp/results.aspx?q=
http://buscar.ozu.es/
http://www.microsofttranslator.com/BVPrev.aspx?ref=IE8Activity
http://www.ask.com/
https://click.icptrack.com/icp/relay.php?r=30000099&msgid=6080008&act=F00B&c
http://www.google.it/
http://crl.godaddy.com/gdroot-g2.crl0F
http://search.auction.co.kr/
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
http://www.amazon.de/
http://sads.myspace.com/
https://09102019hsk20ticket-secondary.z19.web.core.windows.net/#Root
http://www.pchome.com.tw/favicon.ico
http://browse.guardian.co.uk/favicon.ico
http://google.pchome.com.tw/
http://list.taobao.com/browse/search_visual.htm?n=15&q=
http://www.rambler.ru/favicon.ico
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_mbqre5pw01euigudkiyms
http://uk.search.yahoo.com/
http://www.ozu.es/favicon.ico
http://search.sify.com/
http://openimage.interpark.com/interpark.ico
http://search.yahoo.co.jp/favicon.ico
http://www.gmarket.co.kr/
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6468.8/content/images/favicon_a.ico
http://search.nifty.com/
http://certificates.godaddy.com/repository/0
http://www.google.si/
http://www.soso.com/
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=5
http://busca.orange.es/
http://cnweb.search.live.com/results.aspx?q=
http://www.twitter.com/
http://auto.search.msn.com/response.asp?MT=
http://www.target.com/
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7230.10/content/images/picker_account_add.svg
http://search.orange.co.uk/favicon.ico
http://www.iask.com/
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.eot?v=4.7.0
http://search.centrum.cz/favicon.ico
http://service2.bfast.com/
http://ariadna.elmundo.es/
http://www.news.com.au/favicon.ico
http://www.cdiscount.com/
http://www.tiscali.it/favicon.ico
http://it.search.yahoo.com/
http://www.ceneo.pl/favicon.ico
http://www.servicios.clarin.com/
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6468.8/content/images/favicon_a.ico~
http://search.daum.net/favicon.ico
http://www.kkbox.com.tw/
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff?v=4.7.0
http://search.goo.ne.jp/favicon.ico
http://search.msn.com/results.aspx?q=
http://list.taobao.com/
http://www.nytimes.com/
http://www.taobao.com/favicon.ico
http://www.etmall.com.tw/
http://ie.search.yahoo.com/os?command=
http://www.cnet.com/favicon.ico
http://www.linternaute.com/favicon.ico
http://busca.u
http://www.amazon.co.uk/
http://www.cdiscount.com/favicon.ico
http://www.asharqalawsat.com/favicon.ico
http://www.google.fr/
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.1.11.min_3z194vh3l5oibjd0ejgm-q2.js
http://search.gismeteo.ru/
http://www.rtl.de/
http://www.soso.com/favicon.ico
http://www.univision.com/favicon.ico
http://gsgd.co.uk/sandbox/jquery/easing/
http://search.ipop.co.kr/
http://www.auction.co.kr/auction.ico
http://www.orange.fr/
http://video.globo.com/favicon.ico

Dropped files

Name
    File Type

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{42507B89-EB40-11E9-AADB-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{42507B8B-EB40-11E9-AADB-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{48AE3C68-EB40-11E9-AADB-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\aad.login.min_xjeoeaksimvuzj8iyg6erg2[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\bootstrap.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\font-awesome.min[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\jquery.1.11.min_3z194vh3l5oibjd0ejgm-q2[1].js
    UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\picker_account_aad[1].png
    PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\picker_account_add[1].svg
    SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\test[1].htm
    HTML document, ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\bootstrap.min[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\converged.v2.login.min_mbqre5pw01euigudkiymsa2[1].css
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\favicon_a[1].ico
    MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\jquery-3.1.1.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\success-icon-10[1].png
    PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\0-small_138bcee624fa04ef9b75e86211a9fe0d[1].jpg
    JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x28, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\0RIJMPBX.htm
    HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\0_a5dbd4393ff6a725c7e62b61df7e72f0[1].jpg
    JPEG image data, baseline, precision 8, 1920x1080, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\picker_more[1].png
    PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\popper.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\fontawesome-webfont[1].eot
    Embedded OpenType (EOT), FontAwesome family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\fontawesome-webfont[2].eot
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\logout[1].htm
    HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\work_account_gwpgszjrdzmg9t-etotdlg2[1].png
    PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Temp\~DF5634EAEA0BF99DFC.TMP
    data
C:\Users\user\AppData\Local\Temp\~DFC6A4B8BDF3CE41D5.TMP
    data
C:\Users\user\AppData\Local\Temp\~DFE9296F36DBFA3695.TMP
    data