flash

https://l.facebook.com/l.php?u=https%3A%2F%2Fpage.dagmaar.com%2Ftundra%2F%3Ffbclid%3DIwAR0ibFew8p_xPNe0PRhTlrDIVnOwzwLQrHRnimIhKKmR0VId6RXzV1BrzBg&h=AT3Z5D1122EKedyHgzhaptwcCVWeJbxG4qUO6AUjkcO0py0i04KmGRi0WyVA15reYwbTjwud0UkxJ2CWc_Qjy8focTcMyoKDNRkyIlIlhO3WzNYdk1kOBEDdCL-SFmvLd6-TG4PP1NEvZR-Z-hdPJSoVdr2Ua7tTxf8pJhsQSppD7KEyP18ORHGo0l9GGC6_nwGx0I4oZGhJn3LT1gN__z4lB1Qj3zd3LS0g-9sB9v5jK07zIQjwrNTfpy8_HrVMMwK9w5os1Eqtz0Gc6_cTl3lgX2HccPhOeG2AC-TDAMewir3l9SnAw5EwqHlqWxDRZpSZ__g_SvK-xrwFNncoSRpOAqeOMZAw0p2GOvgV_ZQlUh8tqxCyyV2IN6bW8V1eJYb-8iUC3B9_5Ii560g82q13nQJr6g8bsGP7LALH3FCYbSK20DXzuiq2zRv1tObbo3y5UPPrgGT0HEw7EUTABmBDPPPdTJiSK6kc_C-A2AcuZkIjEQ7X11mYBck7FccJIdRnf1XewJPiYYWca4g-KcroI6AZNVmC_-8iNAL9Ee0iMXn5-YTTQMLNdSq_USwLkwUvQrmfJp1bV0FXN4m0B6vEaKIIFoIUsBylb3u6VZCLhETTOrkigLnj9K_fVoDBrahiQn4qL_gABg

Status: finished
Submission Time: 18.05.2020 18:58:37
Malicious
Phishing
Phisher

Details

  • Analysis ID:
    231150
  • API (Web) ID:
    358614
  • Analysis Started:
    18.05.2020 18:59:38
  • Analysis Finished:
    18.05.2020 19:05:22
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
56/100

IPs

IP                Country          Detection
50.23.131.235     United States
31.13.92.37       Ireland
151.101.12.193    United States
104.27.191.231    United States
162.213.251.209   United States
104.26.3.51       United States
104.18.222.81     United States
104.24.126.214    United States
67.202.94.94      United States
104.18.171.73     United States
104.16.132.229    United States

Domains

Name                          IP                Detection
unlocklink.com                104.27.191.231
www.exclusiveyouroffers.com   104.24.126.214
cdnjs.cloudflare.com          104.16.132.229
whos.amung.us                 67.202.94.94
routeserve.info               104.18.222.81
z-m.c10r.facebook.com         31.13.92.37
www.cpagrip.com               104.26.3.51
page.dagmaar.com              162.213.251.209
widgets.amung.us              50.23.131.235
spotdiets.com                 104.18.171.73
ipv4.imgur.map.fastly.net     151.101.12.193
l.facebook.com                0.0.0.0
maxcdn.bootstrapcdn.com       0.0.0.0
code.jquery.com               0.0.0.0
i.imgur.com                   0.0.0.0

URLs

Name Detection
https://page.dagmaar.com/tundra/wait.htmlRhttps://page.dagmaar.com/tundra/wait.html
https://github.com/BlackrockDigital/startbootstrap-heroic-features/blob/master/LICENSE)
http://www.nytimes.com/
https://page.dagmaar.com/tundra/wait.html
https://page.dagmaRoot
https://page.dagmaar.com/tundra/wait1.htmlTht/redirect/action/1Ind2My0uJSRhZzar.com/tundra/wait1.htm
https://page.dagmaar.com/tundra/wait1.htmlThtRoot
https://unlocklink.com/redirect/action/1Ind2My0uJSRhZzwiKHNmf3BlZ2E_eQ_Pyi?uc=1016191004&tsid=7420
https://static.hotjar.com/c/hotjar-
http://www.amazon.com/
https://page.dagmaar.c
https://page.dagmaar.com/tundra/?fbclid=IwAR0ibFeRoot
https://getbootstrap.com/)
http://www.twitter.com/
https://i.imgur.com/d17hczI.jpg
https://page.dagmaar.com/tundra/?fbclid=IwAR0ibFettps://page.dagmaar.com/tundra/?fbclid=IwAR0ibFew8p
https://spotdiets.com/img/assets/favicon.ico~
https://unlocklink.com
https://startbootstrap.com/template-overviews/heroic-features)
https://www.exclusiveyouroffers.com/DFBHL/2CTPL/?uid=44&sub2=18051831_19_0_16dc_684671_af0_206_5ec2b
https://page.dagmaar.com/tundra/wait1.htmlThtregistration?theme=f-2-fitness&var.com/tundra/wait1.htm
http://routeserve.info/fit?affid=2162rtty146&page=f-2-fitness&clickid=6dc7a59fe2dd4a30b403ef5409309466&pubid=9-1Ind2My0uJSRhZzwiKHNmf3BlZ2E_eQ_Pyi%3A%3A7420-
https://github.com/twbs/bootstrap/graphs/contributors)
https://page.dagmaar.com/tundra/wait1.htmlThtm/show.php?l=0&u=7420&id=7769Root
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
https://code.jquery.com/jquery-3.2.1.min.js
https://getbootstrap.com)
https://page.dagmaar.com/tundra/wait1.htmlThttps://page.dagmaar.com/tundra/wait1.html
https://www.cpagrip.co
https://www.cpagrip.com/show.php?l=0&u=7420&id=7769
http://www.youtube.com/
https://page.dagmaar.com/tundra/wait1.html
https://spotdiets.com/registration?theme=f-2-fitness&v_id=bd5da739-77ef-3160-f695-b0599716f68d&page=
https://i.imgur.com/pk1EcBw.gif
https://github.com/krux/postscribe/blob/master/LICENSE.
https://github.com/twbs/bootstrap/blob/master/LICENSE)
http://www.wikipedia.com/
http://www.live.com/
http://opensource.org/licenses/MIT).
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
http://www.reddit.com/
https://page.dagmaar.com/tundra/wait1.htmlThtar.com/tundra/wait1.html
https://spotdiets.com/
https://page.dagmaar.com/tundra/?fbclid=IwAR0ibFem/tundra/wait.html

Dropped files

Name / File Type (Hashes and Detection columns were empty in the export)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\wait1[1].htm
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\show[1].htm
    HTML document, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{921968EC-9974-11EA-AADD-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{921968EE-9974-11EA-AADD-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9846A536-9974-11EA-AADD-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\1Ind2My0uJSRhZzwiKHNmf3BlZ2E_eQ_Pyi[1].htm
    HTML document, ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\bootstrap.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\classic[1].js
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\fit[1]
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\img6[1].png
    PNG image data, 36 x 17, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\img7[1].png
    PNG image data, 28 x 32, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\img[1].png
    PNG image data, 778 x 820, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\jquery-3.2.1.min.ca7563da[1].js
    UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\l[1].htm
    HTML document, ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\popper.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\regValidation.min.1a957052[1].js
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\tundra[1].htm
    HTML document, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\wait[1].htm
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\bootstrap.min[1].css
    ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\css[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\d17hczI[1].jpg
    JPEG image data, progressive, precision 8, 1024x768, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\da[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\gtm[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\img1[1].png
    PNG image data, 349 x 232, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\img3[1].png
    PNG image data, 349 x 232, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\jquery.main.min.b9656064[1].js
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mem5YaGs126MiZpBA-UN7rgOUuhv[1].woff
    Web Open Font Format, TrueType, length 18900, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mem5YaGs126MiZpBA-UN8rsOUuhv[1].woff
    Web Open Font Format, TrueType, length 19072, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mem5YaGs126MiZpBA-UN_r8OUuhv[1].woff
    Web Open Font Format, TrueType, length 18668, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mem5YaGs126MiZpBA-UNirkOUuhv[1].woff
    Web Open Font Format, TrueType, length 18696, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mem8YaGs126MiZpBA-UFVZ0d[1].woff
    Web Open Font Format, TrueType, length 18100, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\pk1EcBw[1].gif
    GIF image data, version 89a, 350 x 350
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\ar[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\bootstrap.14d4753b[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\favicon[1].ico
    MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\heroic-features[1].css
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\jquery.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\main.d9eaf96a[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\pingjs[1].js
    ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\pl[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\registration[1].htm
    HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\sv[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\zh[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\bootstrap.bundle.min[1].js
    ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\de[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\en[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\es[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\fr[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\img2[1].png
    PNG image data, 349 x 232, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\img5[1].png
    PNG image data, 36 x 27, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\it[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\ja[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\jquery-3.2.1.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\jquery.min[1].js
    ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\nl[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\no[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\pt[1].png
    PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Temp\~DF3221657AE6454236.TMP
    data
C:\Users\user\AppData\Local\Temp\~DF7ACBE8CBF521B15D.TMP
    data
C:\Users\user\AppData\Local\Temp\~DF8FB6BD296836E842.TMP
    data