flash

https://u1699748.ct.sendgrid.net/ls/click?upn=Tq6yiGCKpWixGK98qoglKwLmWWZ7F1kMSDKBQKR12McrgLNWJUOUG7NxrQzNoTrRucxGrGxGPuTuX1OknPhquXK1I9uYaWi3MVAI4pnRHHE-3DlvvT_UBYKePGbZonskOFro-2B-2FRipPoVkAMfcu9G29-2FWY6jkNHo5mjR4L96sFfG2-2FxxWI655ZcWALjXo8fCy5-2Frx2g4sasITMRZp4PV9m5Zlzk0G62LxxLUzSiyskyXlPPZjRbEzbMygCZA7HCBTB7z6unreGk4sK373mPpJP7z9-2FdWka-2Bf-2FxMVck7b5oRzTGYeGr952xN4f7-2BGxu8njwri-2BqzQ8Q-3D-3D

Status: finished
Submission Time: 25.06.2020 13:54:07
Malicious
Phishing
Phisher

Details

  • Analysis ID:
    241451
  • API (Web) ID:
    378625
  • Analysis Started:
    25.06.2020 13:54:09
  • Analysis Finished:
    25.06.2020 13:58:25
  • Technologies:
Full Report | Engine | Info | Verdict | Score | Reports

  • Engine: Full Report
  • Info: System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113
  • Verdict: malicious
  • Score: 64/100
  • Reports: malicious

IPs

IP | Country | Detection
143.204.94.129 | United States |
23.235.196.205 | United States |
167.89.118.35 | United States |
160.153.143.19 | United States |
81.17.254.5 | Ireland |

Domains

Name | IP | Detection
sampension.dk | 143.204.94.129 |
codlagnostics.com | 23.235.196.205 |
malarouge.com | 160.153.143.19 |
u1699748.ct.sendgrid.net | 167.89.118.35 |
altmail.blacknight.com | 81.17.254.5 |

URLs

Name | Detection
http://docs.jquery.com/UI/Progressbar
http://jquery.com/
https://altmail.blacknight.com/js/rememberme.js
http://docs.jquery.com/UI/Dialog
http://docs.jquery.com/UI/Effects/Clip
https://altmail.blacknight.com/css/jquery.ui.dialog.css
https://sampension.dk/images/favicon.ico
http://sizzlejs.com/
http://docs.jquery.com/UI/Effects/Transfer
https://codlagnostics.com/general/?email=msh
https://altmail.blacknight.com/js/jQuery/jquery-1.3.2.min.js
http://www.amazon.com/
http://docs.jquery.com/UI/Accordion
https://altmail.blacknight.com/js/jQuery/ui/jquery-ui-1.7.2.custom.min.js
http://www.twitter.com/
https://codlagnostics.wp-content/themes/cn.php?e=msh
http://docs.jquery.com/UI/Tabs
http://webbasedemail.com/question.ehtml?admin=
http://docs.jquery.com/UI/Resizables
http://docs.jquery.com/UI/Effects/Shake
https://malarouge.com/favicon.icoa
http://docs.jquery.com/UI/Datepicker
http://docs.jquery.com/UI/Droppables
http://docs.jquery.com/UI/Effects/Blind
https://altmail.blacknight.com/js/browsercheck.js
http://www.reddit.com/
https://altmail.blacknight.com/css/lang.css?6.20.13
http://www.nytimes.com/
http://docs.jquery.com/UI
http://docs.jquery.com/UI/Effects/Bounce
http://docs.jquery.com/UI/Effects/Highlight
http://docs.jquery.com/UI/Slider
http://docs.jquery.com/UI/Effects/Pulsate
http://docs.jquery.com/UI/Effects/
https://malarouge.com/wp-content/themes/cn.php?e=msh
http://docs.jquery.com/UI/Effects/Fold
http://docs.jquery.com/UI/Effects/Scale
http://docs.jquery.com/UI/Draggables
http://docs.jquery.com/UI/Effects/Drop
http://docs.jquery.com/License
http://docs.jquery.com/UI/Sortables
http://www.youtube.com/
http://sampension.dk/favicon.ico
http://jqueryui.com/about)
http://docs.jquery.com/UI/Selectables
http://www.wikipedia.com/
https://sampension.dk/favicon.ico
http://www.live.com/
http://docs.jquery.com/UI/Effects/Slide
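The URL table above mixes three things: the SendGrid click-tracking redirector that was submitted, the hosts the sandbox actually resolved (the Domains table), and a long tail of docs.jquery.com, sizzlejs.com, amazon.com and similar entries that have no resolved IP. The script below is an added triage helper, not part of the sandbox report or of any vendor's tooling. It splits the observed URLs by whether their host appears in the Domains table, pulls out the `email=` / `e=` query parameters the landing pages carry, and undoes the `-3D` / `-2B` / `-2F` escaping in the SendGrid `upn` token. Two points are assumptions rather than report findings: that hosts without a resolved IP are string literals inside the fetched jQuery and browser-check scripts rather than network contacts, and that the `email`/`e` parameters are the recipient identifier the kit threads through its pages. The URL list is a subset copied from the report; the `upn` decoding only restores the token's standard form, it does not reveal the redirect destination.

```python
"""Triage of the URL list from a sandbox report of a SendGrid-tracked phishing lure.

Added example, not from the report. Sample data below is copied from the
report's Domains and URLs tables (a subset of the 49 URLs).
"""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Submitted URL from the report: the SendGrid click-tracking redirector.
SUBMITTED = (
    "https://u1699748.ct.sendgrid.net/ls/click?upn="
    "Tq6yiGCKpWixGK98qoglKwLmWWZ7F1kMSDKBQKR12McrgLNWJUOUG7NxrQzNoTrRucxGrGxGPuTu"
    "X1OknPhquXK1I9uYaWi3MVAI4pnRHHE-3DlvvT_UBYKePGbZonskOFro-2B-2FRipPoVkAMfcu9G29"
    "-2FWY6jkNHo5mjR4L96sFfG2-2FxxWI655ZcWALjXo8fCy5-2Frx2g4sasITMRZp4PV9m5Zlzk0G62"
    "LxxLUzSiyskyXlPPZjRbEzbMygCZA7HCBTB7z6unreGk4sK373mPpJP7z9-2FdWka-2Bf-2FxMVck7"
    "b5oRzTGYeGr952xN4f7-2BGxu8njwri-2BqzQ8Q-3D-3D"
)

# Domains table from the report: hosts the sandbox resolved during the run.
RESOLVED_HOSTS = {
    "sampension.dk": "143.204.94.129",
    "codlagnostics.com": "23.235.196.205",
    "malarouge.com": "160.153.143.19",
    "u1699748.ct.sendgrid.net": "167.89.118.35",
    "altmail.blacknight.com": "81.17.254.5",
}

# Subset of the report's URLs table, copied verbatim (including the odd
# "codlagnostics.wp-content" host exactly as the report lists it).
OBSERVED_URLS = [
    "https://codlagnostics.com/general/?email=msh",
    "https://codlagnostics.wp-content/themes/cn.php?e=msh",
    "https://malarouge.com/wp-content/themes/cn.php?e=msh",
    "https://malarouge.com/favicon.icoa",
    "https://sampension.dk/favicon.ico",
    "https://altmail.blacknight.com/js/rememberme.js",
    "https://altmail.blacknight.com/js/browsercheck.js",
    "https://altmail.blacknight.com/css/lang.css?6.20.13",
    "http://docs.jquery.com/UI/Dialog",
    "http://sizzlejs.com/",
    "http://www.amazon.com/",
    "http://webbasedemail.com/question.ehtml?admin=",
]

# Assumption: these query parameters carry the recipient identifier.
VICTIM_PARAMS = ("email", "e")

# Assumption: SendGrid writes '=', '+', '/' in `upn` as '-3D', '-2B', '-2F'.
_UPN_ESCAPE = re.compile(r"-([0-9A-F]{2})")


def group_by_host(urls, resolved=RESOLVED_HOSTS):
    """Split URLs into hosts the sandbox resolved and hosts seen only as strings."""
    contacted, strings_only = defaultdict(list), defaultdict(list)
    for url in urls:
        parts = urlsplit(url)
        host = parts.hostname or ""
        path = parts.path + (f"?{parts.query}" if parts.query else "")
        (contacted if host in resolved else strings_only)[host].append(path)
    return dict(contacted), dict(strings_only)


def victim_tokens(urls, params=VICTIM_PARAMS):
    """Return (host, param, value) for each recipient-identifier parameter found."""
    hits = []
    for url in urls:
        parts = urlsplit(url)
        query = parse_qs(parts.query)  # blank values such as 'admin=' are dropped
        for name in params:
            for value in query.get(name, []):
                hits.append((parts.hostname, name, value))
    return hits


def sendgrid_upn(url):
    """Restore the standard form of the `upn` token (still opaque afterwards)."""
    token = parse_qs(urlsplit(url).query)["upn"][0]
    return _UPN_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), token)


def triage(urls=OBSERVED_URLS, submitted=SUBMITTED):
    """Summarise redirector, contacted hosts, string-only hosts and tokens."""
    contacted, strings_only = group_by_host(urls)
    return {
        "redirector": urlsplit(submitted).hostname,
        "contacted": contacted,
        "strings_only": sorted(strings_only),
        "victim_tokens": victim_tokens(urls),
        "upn": sendgrid_upn(submitted),
    }


if __name__ == "__main__":
    for key, value in triage().items():
        print(f"{key}: {value}")
```

Running the block prints the four resolved landing/resource hosts with their paths, the string-only hosts (docs.jquery.com, sizzlejs.com and so on), the three `msh` tokens, and the restored `upn` value; the token ends in `==` like ordinary base64 but remains a SendGrid-side redirect reference, so the destination still has to come from following the redirect, which is what the sandbox did.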

Dropped files

Name | File Type | Hashes | Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\cn[1].htm | ASCII text, with no line terminators | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\general[1].htm | HTML document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A46B0B98-B6DA-11EA-AAE7-9CC1A2A860C6}.dat | Microsoft Word Document | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A46B0B9A-B6DA-11EA-AAE7-9CC1A2A860C6}.dat | Microsoft Word Document | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AB4783E1-B6DA-11EA-AAE7-9CC1A2A860C6}.dat | Microsoft Word Document | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\v8bxa9r\imagestore.dat | data | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\jquery-1.3.2.min[1].js | ASCII text, with very long lines | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\jquery-ui-1.7.2.custom.min[1].js | ASCII text, with very long lines | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\xp[1].js | exported SGML document, ASCII text, with very long lines | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\25[1].gif | GIF image data, version 89a, 26 x 26 | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\favicon[1].ico | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\logo[1].gif | GIF image data, version 89a, 190 x 43 | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\browsercheck[1].js | ASCII text | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\orig-btn[1].png | PNG image data, 83 x 40, 8-bit/color RGBA, non-interlaced | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\original[1].css | ASCII text | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\rememberme[1].js | C source, ASCII text, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\favicon[1].htm | HTML document, ASCII text, with CRLF line terminators | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\orig-content_[1].png | PNG image data, 474 x 414, 8-bit/color RGBA, non-interlaced | |
C:\Users\user\AppData\Local\Temp\~DF06F7737DF7124EC7.TMP | data | |
C:\Users\user\AppData\Local\Temp\~DF323550280A322CE6.TMP | data | |
C:\Users\user\AppData\Local\Temp\~DF5B9914C35EF996C1.TMP | data | |