alibaba_account_verification_file.html

Status: finished
Submission Time: 30.07.2020 11:18:55
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    253937
  • API (Web) ID:
    403417
  • Analysis Started:
    30.07.2020 11:18:56
  • Analysis Finished:
    30.07.2020 11:25:54
  • MD5:
    c820e06558eb6e0ba161e32ed0309bcd
  • SHA1:
    1f781a4f17034249007441365671c94691fcd4fc
  • SHA256:
    f8301b193f1ce8f5fc20965328402c4097638531ac99bbe77a343e00a297fa7e
  • Technologies:

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious
Score: 56/100

IPs

IP               Country         Detection
198.11.132.198   United States

Domains

Name                                              IP                Detection
gj.gds.mmstat.com                                 205.204.101.182
cloud-us-scproxy.alibaba.com.gds.alibabadns.com   198.11.132.198
u.alicdn.com                                      0.0.0.0
g.msn.com                                         0.0.0.0
style.alibaba.com                                 0.0.0.0
login.alibaba.com                                 0.0.0.0
img.alibaba.com                                   0.0.0.0
gj.mmstat.com                                     0.0.0.0

URLs

Name Detection
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites_subNav.gif)
http://us.my.alibaba.com
http://i02.i.aliimg.com/images/eng/style/css_images/myalibaba/bg_uploader_box.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/myalibaba/more_help_arrow.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites-ma-icon.png)
http://i02.i.aliimg.com/images/eng/style/css_images/aliSearchB_tabsBg.gif)
http://news.aliba60
http://stat.alibaba.com/ued/favorites.html
http://cmap.alibaba.com/ml.html
http://i02.i.aliimg.com/images/eng/style/css_images/addsearch_icon.gif)
http://www.reddit.com/
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/ali_search_bar.png)
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/newSearchBar.png)
http://resources.alibaba.com/trade_safe/home.htm
http://style.alibaba.com/css/4v/myalibaba.css?c=20110530
http://style.aliunicorn.com/
http://www.alibaba.com/sitemap.htmlutalibaba/index.html
http://i02.i.aliimg.com/images/eng/style/css_images/myalibaba/left_menu_mail_bg.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/search_bg.gif)
http://i02.i.aliimg.com/images/cms/upload/gold_supplier/mya_ifmvsggs_upgrade_now.jpg)
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites-ma-v.png)
http://i02.i.aliimg.com/images/images/eng/style/css_images/sprites/sprites-ma-v.png
http://www.yahoo.com.cn
http://message.alibaba.com
http://i02.i.aliimg.com/simg/sprites/app/sms_validate.gif)
http://img.alibaba.com/images/eng/style/icon/close.gif
http://i02.i.aliimg.com/images/eng/style/icon/success_a.gif
http://www.alibaba.com/help/research-panel.html?tracelog=24581_research_panel
http://i02.i.aliimg.com/images/cms/upload/gold_supplier/mya_ifmvsggs_table_icon_bg.png)
http://i02.i.aliimg.com/images/cms/upload/myalibaba/service/16x16_20120208_weibo.gif)
http://i02.i.aliimg.com/images/eng/style/button/button_skin_d.gif)
http://www.alibaba.com/aboutalibaba/aligroup/index.html
http://www.alibaba.com/help/trade_safe/home.htmners
http://www.taobao.com
http://i02.i.aliimg.com/images/eng/p4p/loading.gif)
http://www.tmall.com
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/main_navig_sprites.gif)
http://style.alibaba.com/js/language/en.js
http://www.youtube.com/
http://www.alibaba.com/help/contact-us.html#askquestion
http://www.etao.com
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites_ggs_home_nav.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites_menu.gif)
http://resources.alibaba.com/EFGHIJKLMNOPQ
http://i02.i.aliimg.com/images/cms/upload/others/home/23x22_080710_sdicon.jpg)
http://i02.i.aliimg.com/images/cms/upload/gold_supplier/mya_ifmvsggs_table_bg.jpg)
http://i02.i.aliimg.com/images/eng/style/css_images/addsearch_pop_bg_ie.gif)
http://stat.alibaba.com/p4p/list.html
http://tradeshow.alibaba.com/
http://us.my.alibaba.com/mcadmin/bulkfolder/bulkfolder_list.htm
http://www.alibaba.com/
http://style.alibaba.com/css/4v/relateJS.css?c=200810221400
http://tradeshow.alibaba.com/s/aboutalibaba/partners
http://resources.alibaba.com/trade_safe/home.htmIEFRAME.dll
https://stylessl.aliunicorn.com/
http://news.alibaba.com/specials/aboutalibaba/index.htmlle.html
http://importer.alibaba.com/
http://i02.i.aliimg.com/images/eng/style/css_images/aliSearch_current_tabs.gif)
http://www.amazon.com/
http://topmsg.alibaba.com/getStatus.js
http://i02.i.aliimg.com/images/eng/style/css_images/arrow_right.gif)
http://resources.alibaba.com/s/aboutalibaba/partners
http://www.twitter.com/
http://www.alisoft.com
http://news.alibaba.com/specials/aboutalibaba/index.htmlP
http://www.alibaba.com/help/trade_safe/home.htm
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites_homeIcon.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites_tabs.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/main_reg_join.gif)
http://style.alibaba.com/css/4v/common.css?c=201012162100
http://us.my.alibaba.com/
http://style.alibaba.com/css/4v/navigat.css?c=201009032100
http://developer.yahoo.net/yui/license.txt
https://sha256.daily.1688.com/sha256test.js
http://i02.i.aliimg.com/images/eng/style/css_images/join_current.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/home_new/homeSpritesV6.gif)
http://style.alibaba.com/js/myalibaba.js?c=200810221400
http://resources.alibaba.com/s/aboutalibaba/partnership_with_alibaba.html
http://us.my.alibaba.com/m/s/aboutalibaba/partnership_with_alibaba.html
http://i02.i.aliimg.com/images/eng/style/css_images/sprites/sprites_main_navi.gif)
http://i02.i.aliimg.com/images/eng/style/css_images/btm_searchbar.gif)
http://i02.i.aliimg.com/images/cms/upload/sourcing/groupsourcing/common/35x35.jpg)
http://www.alibaba.com/Products
http://i02.i.aliimg.com/images/eng/style/css_images/myalibaba/arrow_left.gif)
http://us.my.alibaba.com/m/s/aboutalibaba/partnership_with_alibaba.htmlr.htm?ErrorStatus=0x800C0005&
http://www.alibaba.com/Products/aboutalibaba/partnership_with_alibaba.html
http://style.alibaba.com/css/4v/myalibaba/sns.css?c=200810221400
http://i02.i.aliimg.com/images/eng/style/css_images/levelflag.gif)
http://news.alibaba.com/article/detail/help/100454423-1-product-listing-policy.html
https://login.alibaba.com
http://importer.alibaba.com
http://www.alibaba.com/trade/servlet/page/static/copyright_policy
http://i02.i.aliimg.com/images/cms/upload/gold_supplier/mya_ifmvsggs_apply_now.jpg)
http://i02.i.aliimg.com/images/eng/style/icon/icon_treasure_chest_pop.gif)
http://us.my.alib
http://my.alibaba.com
http://dmtracking2.alibaba.com/b.jpg?cD0xJnU9ey91cy5teS5hbGliYWJhLmNvbS91c2VyL2NvbXBhbnkvZm9yZ2V0X3B
http://i02.i.aliimg.com/images/eng/style/css_images/ul_dot_style.gif)
http://style.alibaba.com/css/4v/navCGS.css?c=201009032100
http://tradeshow.alibaba.com/g

Dropped files

Name File Type Hashes Detection

  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3CCD7A1D-D291-11EA-90E0-ECF4BB862DED}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3CCD7A1F-D291-11EA-90E0-ECF4BB862DED}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{46BD655A-D291-11EA-90E0-ECF4BB862DED}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\NewErrorPageTemplate[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\beacon_en[1].js
    exported SGML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\dnserror[1]
    HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\down[1]
    PNG image data, 15 x 15, 8-bit colormap, non-interlaced
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\en[1].js
    UTF-8 Unicode text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\errorPageStrings[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\httpErrorPagesScripts[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ae[1].js
    ASCII text, with very long lines, with CRLF, LF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\myalibaba[1].js
    ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\navCGS[1].css
    ASCII text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\navigat[1].css
    UTF-8 Unicode text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\NewErrorPageTemplate[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\common[1].css
    ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dnserror[1]
    HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\down[1]
    PNG image data, 15 x 15, 8-bit colormap, non-interlaced
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\errorPageStrings[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\forget_pwd_images[1].gif
    GIF image data, version 89a, 100 x 220
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\httpErrorPagesScripts[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\relateJS[1].css
    assembler source, ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\NewErrorPageTemplate[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\NewErrorPageTemplate[2]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\dnserror[1]
    HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\dnserror[2]
    HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\down[1]
    PNG image data, 15 x 15, 8-bit colormap, non-interlaced
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\down[2]
    PNG image data, 15 x 15, 8-bit colormap, non-interlaced
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\errorPageStrings[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\errorPageStrings[2]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\httpErrorPagesScripts[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\httpErrorPagesScripts[2]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\myalibaba[1].css
    ASCII text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\sns[1].css
    ASCII text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Temp\~DF1857E3BEC1A5DC47.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DF1DFC69B8CB59BE13.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DFD48430536F0DDB59.TMP
    data
  • C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\Z2TWPPV1AUNWIJMRL22O.temp
    data