https://l.facebook.com/l.php?u=https%3A%2F%2Fpage.dagmaar.com%2Ftundra%2F%3Ffbclid%3DIwAR0ibFew8p_xPNe0PRhTlrDIVnOwzwLQrHRnimIhKKmR0VId6RXzV1BrzBg&h=AT3Z5D1122EKedyHgzhaptwcCVWeJbxG4qUO6AUjkcO0py0i04KmGRi0WyVA15reYwbTjwud0UkxJ2CWc_Qjy8focTcMyoKDNRkyIlIlhO3WzNYdk1kOBEDdCL-SFmvLd6-TG4PP1NEvZR-Z-hdPJSoVdr2Ua7tTxf8pJhsQSppD7KEyP18ORHGo0l9GGC6_nwGx0I4oZGhJn3LT1gN__z4lB1Qj3zd3LS0g-9sB9v5jK07zIQjwrNTfpy8_HrVMMwK9w5os1Eqtz0Gc6_cTl3lgX2HccPhOeG2AC-TDAMewir3l9SnAw5EwqHlqWxDRZpSZ__g_SvK-xrwFNncoSRpOAqeOMZAw0p2GOvgV_ZQlUh8tqxCyyV2IN6bW8V1eJYb-8iUC3B9_5Ii560g82q13nQJr6g8bsGP7LALH3FCYbSK20DXzuiq2zRv1tObbo3y5UPPrgGT0HEw7EUTABmBDPPPdTJiSK6kc_C-A2AcuZkIjEQ7X11mYBck7FccJIdRnf1XewJPiYYWca4g-KcroI6AZNVmC_-8iNAL9Ee0iMXn5-YTTQMLNdSq_USwLkwUvQrmfJp1bV0FXN4m0B6vEaKIIFoIUsBylb3u6VZCLhETTOrkigLnj9K_fVoDBrahiQn4qL_gABg

Status: finished
Submission Time: 2020-05-18 18:58:37 +02:00
Malicious
Phishing
Phisher

Details

  • Analysis ID:
    231150
  • API (Web) ID:
    358614
  • Analysis Started:
    2020-05-18 18:59:38 +02:00
  • Analysis Finished:
    2020-05-18 19:05:22 +02:00
  • Technologies:

Engine Download Report Detection Info
Joe Sandbox
malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection

Dropped files

Name File Type Hashes Detection