flash

https://us17.campaign-archive.com/?u=ca192dc58b08f26519f675cd5&id=a3992a569c

Status: finished
Submission Time: 30.07.2020 15:19:34
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    254148
  • API (Web) ID:
    404057
  • Analysis Started:
    30.07.2020 15:20:35
  • Analysis Finished:
    30.07.2020 15:27:30
  • Technologies:
Full Report Engine Info Verdict Score Reports

System: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
48/100

IPs

IP Country Detection
172.217.18.163
United States
162.215.254.118
United States
74.117.178.183
United States
Click to see the 5 hidden entries
66.102.1.154
United States
204.155.149.68
United States
74.117.178.97
United States
152.199.23.37
United States
104.16.132.229
United States

Domains

Name IP Detection
asf-ris-prod-neurope.northeurope.cloudapp.azure.com
168.63.67.155
cs1100.wpc.omegacdn.net
152.199.23.37
stats.l.doubleclick.net
66.102.1.154
Click to see the 13 hidden entries
cdnjs.cloudflare.com
104.16.132.229
dc599.4shared.com
204.155.149.68
www.google.co.uk
172.217.18.163
dc625.4shared.com
74.117.178.183
upsdjournal.com
162.215.254.118
dc543.4shared.com
74.117.178.97
aadcdn.msftauth.net
0.0.0.0
assets.onestore.ms
0.0.0.0
ajax.aspnetcdn.com
0.0.0.0
stats.g.doubleclick.net
0.0.0.0
us17.campaign-archive.com
0.0.0.0
g.msn.com
0.0.0.0
code.jquery.com
0.0.0.0

URLs

Name Detection
http://www.imagemagick.org
http://fontawesome.io
https://aka.ms/redeemrewards
Click to see the 90 hidden entries
https://signin.kissmetrics.com/privacy/#controls
https://login.skype.com/login
https://www.acuityads.com/opt-out/
https://www.skype.com/go/ustax
http://jquery.org/license
https://aadcdn.msftauth.net/ests/2.1/content/images/picker_more_7568a43cf440757c55d2e7f51557ae1f.svg
https://www.optimizely.com/legal/opt-out/
http://sizzlejs.com/
https://aadcdn.msftauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.s
https://www.youradchoices.ca/fr
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
https://upsdjournal.com/upload/Secure/
https://www.adr.org
http://www.amazon.com/
https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_aad_9de70d1c5191d1852a0d5aac28b44
https://upsdjournal.co
http://www.asp.net/ajaxlibrary/CDN.ashx.
https://us17.campaign-archive.com/?u=ca192dc58b08f26519f675cd5&id=a3992a569c
https://us17.campaign-archive.com/?u=ca192dc58b08f26519f675cd5&id=a3992a569c
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
https://www.xbox.com/en-US/Legal/CodeOfConduct
http://www.twitter.com/
https://us17.campaign-
https://aka.ms/taxservice
https://us17.camparchive.com/?u=ca192dc58b08f26519f675cd5&id=a3992a569cRoot
https://www.privacyshield.gov/welcome
https://ondemand.webtrends.com/support/optout.asp
https://skype.com/go/myaccount
https://us17.campaign-archive.com/css/archivebar-desktop.css
https://www.skype.com
https://www.appsflyer.com/optout
https://privacy.micros
https://us17.campaign-archive.com/
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
https://twitter.com/share?url=https%3A%2F%2Fus17.campaign-archive.com%2F%3Fu%3Dca192dc58b08f26519f67
https://stats.g.doubleclick.net/j/collect
http://www.mpegla.com
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_96f69d0cefd8a8ba623a182c351ccc64.png
https://www.youradchoices.ca
https://priv-policy.imrworldwide.com/priv/browser/us/en/optout.html
http://github.com/requirejs/almond/LICENSE
http://www.reddit.com/
https://us17.campm/upload/Secure/92dc58b08f26519f675cd5&id=a3992a569cRoot
https://www.youronlinechoices.com/
https://mixer.com/contact
https://www.here.com/)
https://aadcdn.msftauth.net/ests/2.1/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
https://www.skype.com/go/store.reactivate.credit
https://www.aboutads.info/
https://www.adjust.com/opt-out/
http://www.nytimes.com/
https://us17.campcom/en-US/servicesagreement/Root
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
https://developer.yahoo.com/flurry/end-user-opt-out/
https://code.jquery.com/jquery-3.1.1.min.js
http://fontello.com
https://upsdjournal.com/upload/Secure/$Sign
https://us17.camp
https://www.xbox.com
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protectio
https://dc599.4shared.com/img/SdTkxFcagm/s24/16b9e2730e8/RE1Mu3b?async&rand=0.8327700981417001
https://dc625.4shared.com/img/9_M_56V4fi/s24/16b9e153370/sidekick_s.png
https://www.clicktale.net/disable.html
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
https://us17.campaign-archive.com/?u=cRoot
https://upsdjournal.com/upload/Secure/92dc58b08f26519f675cd5&id=a3992a569cn
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.s
http://fontawesome.io/license
https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_add_56e73414003cdb676008ff7857343
https://www.skype.com/go/allrates
https://us17.campaign-archive.com/?u=ca192dc58b08f26519f675cd5&id=a3992a569cRoot
https://us17.campoft.com/en-US/privacystatementRoot
http://fontello.comiconsRegulariconsiconsVersion
https://www.google.%/ads/ga-audiences
http://www.youtube.com/
https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
https://www.skype.com/go/legal
https://mixer.com/about/tos
https://www.microsoft.
http://www.wikipedia.com/
https://www.skype.com/legal/broadcast
http://www.live.com/
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
https://www.linkedin.com/legal/privacy-policy
https://us17.campRoot
http://jquery.com/
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_grey_5bc252567ef56db648207d9c36a9d004.p

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Secure[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{012FFA81-D2B3-11EA-90E5-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{012FFA83-D2B3-11EA-90E5-ECF4BBEA1588}.dat
Microsoft Word Document
#
Click to see the 60 hidden entries
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0AFBD436-D2B3-11EA-90E5-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\12-b98955[1].css
UTF-8 Unicode text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\RE1Mu3b[1].png
PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\archivebar-desktop[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\favicon[2].ico
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\icons[1].eot
Embedded OpenType (EOT), icons family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery-1.11.2.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery-1.7.2.min[1].js
HTML document, UTF-8 Unicode text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery-3.1.1.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\override[1].css
ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\privacystatement[1].htm
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\script[1].js
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\servicesagreement[1].htm
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\style[1].css
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2_bc3d32a696895f78c19df6c717586a5d[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Print[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\app[1].css
ASCII text, with very long lines, with CRLF, LF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\arrow_px_up[1].gif
GIF image data, version 89a, 7 x 9
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\favicon[2].ico
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\latest[1].woff
Web Open Font Format, TrueType, length 35900, version 0.0
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\script[1].js
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\shell.min[1].css
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\53_8b36337037cff88c3df203bb73d58e41[1].png
PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\AH7Q0563.htm
HTML document, UTF-8 Unicode text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\RE1Mu3b[1].png
PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ellipsis_635a63d500a92a0b8497cdc58d0f66b1[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\latest[1].eot
Embedded OpenType (EOT), Segoe UI Semibold family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\latest[2].eot
Embedded OpenType (EOT), Segoe UI family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\picker_account_aad_9de70d1c5191d1852a0d5aac28b44a6c[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\picker_account_add_56e73414003cdb676008ff7857343074[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\picker_more_7568a43cf440757c55d2e7f51557ae1f[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\4d-6e4c52[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\analytics[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\font-awesome[1].css
troff or preprocessor input, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\latest[1].eot
Embedded OpenType (EOT), Segoe UI Light family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\mscc-0.4.2.min[1].css
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\mscc-0.4.2.min[1].js
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\mwfmdl2-v3.54[1].woff
Web Open Font Format, TrueType, length 26288, version 0.0
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\print-icon[1].png
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\script[1].js
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\style[1].css
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Temp\~DF3E0B3F9A82A7DD80.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF4E3F96BB0DCF42ED.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFDBFABEB4315C57E4.TMP
data
#