http://www.yourube.com

Status: finished
Submission Time: 29.07.2020 22:31:48
Malicious
Phishing
Phisher

Details

  • Analysis ID:
    253609
  • API (Web) ID:
    403009
  • Analysis Started:
    29.07.2020 22:36:07
  • Analysis Finished:
    29.07.2020 22:39:26
  • Technologies:
Error: Incomplete analysis, please check the report for detailed error information
System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
48/100

IPs

IP               Country
173.192.101.24   United States
85.239.35.8      Russian Federation
81.17.18.198     Switzerland
95.179.133.132   Netherlands
63.34.150.94     United States

Domains

Name                           IP
www.yourube.com                81.17.18.198
p185689.infopicked.com         173.192.101.24
clickseu.pro                   95.179.133.132
apprumbleapp.com               85.239.35.8
infopicked.com                 173.192.101.24
ngmnetwork-elb5.go2cloud.org   63.34.150.94
g.msn.com                      0.0.0.0
go.t500trck.com                0.0.0.0
bitcoinwebsystem.com           0.0.0.0

URLs

Name Detection
http://clickseu.pro/click.php?key=j9xass20oebllwj817h4&clickid=81765530978&bid=0.0216&source=63025241&ad=@@CREATIVE-ID@@
http://www.yourube.com/
http://go.t500trck.com/aff_c?offer_id=1028&aff_id=5220&aff_sub2=c107e17qn1z92d
http://clickseu.pro/nlp/index.php?offer_id=1028&aff_id=5220&aff_sub2=c107e1em.com/?click=101569434&m
https://bitcoinwebsystem.com/?click=101569434&mode=optin&api_url=%2F%2Fapprumbleapp.com%2Fapi%2Fv1&p
http://clickseu.pro/nlp/index.php?offer_id=1028&aff_id=5220&aff_sub2=c107e17qn1z92d&url_bnm_redirect=http://go.t500trck.com/aff_c
http://clickseu.pro/favicon.ico
http://clickseu.pro/nlp/index.php?offer_id=1028&aff_id=5220&aff_sub2=c107e17qn1z92d&url_bnm_redirect
https://bitcoinwebsystp/index.php?offer_id=1028&aff_id=5220&aff_sub2=c107e17qn1z92d&url_bnm_redirect

Dropped files

Name
  File Type

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\index[1].htm
  ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AC978F70-D226-11EA-90E0-ECF4BB862DED}.dat
  Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AC978F72-D226-11EA-90E0-ECF4BB862DED}.dat
  Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B2AA0BBD-D226-11EA-90E0-ECF4BB862DED}.dat
  Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
  data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\dnserror[1]
  HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\down[1]
  PNG image data, 15 x 15, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\favicon[1].ico
  MS Windows icon resource - 1 icon, 39x34, 32 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\httpErrorPagesScripts[1]
  UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\NewErrorPageTemplate[1]
  UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\YJ97D9MN
  ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\errorPageStrings[1]
  UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Temp\~DF0A89D0681A70E405.TMP
  data
C:\Users\user\AppData\Local\Temp\~DF7FCA13F23E7D7F5A.TMP
  data
C:\Users\user\AppData\Local\Temp\~DF8DDC26625D79ECB9.TMP
  data