flash

http://amazoncoms.temp.swtest.ru/ap/amazon/

Status: finished
Submission Time: 30.07.2020 11:48:34
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    253957
  • API (Web) ID:
    403471
  • Analysis Started:
    30.07.2020 11:52:09
  • Analysis Finished:
    30.07.2020 11:58:47
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
52/100

IPs

IP Country Detection
216.58.207.65
United States
77.222.61.114
Russian Federation

Domains

Name IP Detection
asf-ris-prod-neurope.northeurope.cloudapp.azure.com
168.63.67.155
amazoncoms.temp.swtest.ru
77.222.61.114
blogspot.l.googleusercontent.com
216.58.207.65
Click to see the 2 hidden entries
g.msn.com
0.0.0.0
amazon-scama.blogspot.com
0.0.0.0

URLs

Name Detection
https://amazon-scama.blogspot.com)
http://amazoncoms.temp.swtest.ru/ap/amazon/styel/style1.css
https://amazon-scama.blogspot.com/feeds/posts/default?alt=rss
Click to see the 34 hidden entries
http://www.nytimes.com/
http://amazoncoms.temp.swtest.ru/ap/amazon/Root
https://www.blogger.com/feeds/3688778480902325360/posts/default
http://amazoncoms.temp.swtest.ru/ap/amazon/style/img/icon.png
https://m.media-amazon.com/images/G/01/amazonui/loading/loading-2x-gray._V1_.gif)
https://m.media-amazon.com/images/G/01/amazonui/loading/spinner_2x._V1_.gif)
http://www.amazon.com/
http://amazoncoms.temp.swtest.ru/ap/amazon/js/sire.form.js
https://www.blogger.com/profile/10656310694057125592
https://m.media-amazon.com/images/G/01/AUIClients/AmazonUICarousel-arrows-c495a9b59afd9b35a08c12513d
http://www.twitter.com/
https://www.blogblog.com/indie/mspin_white_large.svg)
http://amazoncoms.temp.swtest.ru/ap/amazon/style/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.png
http://amazoncoms.temp.swtest.ru/ap/amazonRoot
http://amazoncoms.temp.swtest.ru/ap/amazon/x
https://m.media-amazon.com/images/G/01/amazonui/loading/spinner_4x._V1_.gif)
http://amazoncoms.temp.swtest.ru/ap/amazon/style/style2.css
http://amazoncoms.temp
http://amazoncoms.temp.swtest.ru/ap/amazon/
http://amazoncoms.temp.swtest.ru/help
http://www.youtube.com/
http://www.wikipedia.com/
https://amazon-scama.blogspot.com/favicon.ico
https://m.media-amazon.com/images/G/01/amazonui/loading/loading-4x-gray._V1_.gif)
http://www.live.com/
http://amazoncoms.temp.swtest.ru/ap/amazon/style/style3.css
http://amazoncoms.temp.swtest.ru/ap/amazon/js/jquery.min.js
http://www.reddit.com/
https://amazon-scama.blogspot.com/feeds/posts/default
https://m.media-amazon.com/images/G/01/amazonui/loading/spinner_1x._V1_.gif)
https://www.blogblog.com/indie/mspin_black_large.svg)
http://amazoncoms.temp.swtest.ru/ap/amazon/js/jquery.validate.min.js
http://amazon-scama.blogspot.com/
http://amazoncoms.temp.swtest.ru/helpazon/

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\amazon[1].htm
HTML document, UTF-8 Unicode (with BOM) text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E3258B60-D295-11EA-90E0-ECF4BB2D2496}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E3258B62-D295-11EA-90E0-ECF4BB2D2496}.dat
Microsoft Word Document
#
Click to see the 23 hidden entries
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EAE52EA2-D295-11EA-90E0-ECF4BB2D2496}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\style2[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\style3[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_[1].png
PNG image data, 400 x 670, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\MH00DGUK.htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\icon[1].png
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\sire.form[1].js
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\jquery.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\jquery.validate.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Temp\~DF189B30DC33437E59.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF32848DB003CFBD6D.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFED2A728E2CBF1AB2.TMP
data
#