Analysis Report https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen

Overview

General Information

Sample URL: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen
Analysis ID: 418883

Detection

Score: 52
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus detection for URL or domain
Phishing site detected (based on logo template match)
Invalid T&C link found

Classification

AV Detection:

Antivirus detection for URL or domain
Source: https://installw.com/ajax/libs/jquery/3.0.1/jquery.min.js Avira URL Cloud: Label: malware

Phishing:

Phishing site detected (based on logo template match)
Source: https://risefundraiser.com/login Matcher: Template: facebook matched
Invalid T&C link found
Source: https://risefundraiser.com/login HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login HTTP Parser: Invalid link: Terms of Use
Source: https://risefundraiser.com/login HTTP Parser: No <meta name="author".. found
Source: https://risefundraiser.com/login HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
Source: create[1].htm.3.dr String found in binary or memory: <img height='1' width='1' style='display:none' src='https://www.facebook.com/tr?id=2126210880948599&ev=PageView&noscript=1'/>; equals www.facebook.com (Facebook)
Source: unknown DNS traffic detected: queries for: risefundraiser.com
Source: classification engine Classification label: mal52.phis.win@3/115@10/9
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{622DD187-B99A-11EB-90EB-ECF4BBEA1588}.dat
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Temp\~DFB16589E349C1BC94.TMP
Source: C:\Program Files\internet explorer\iexplore.exe File read: C:\Users\desktop.ini
Source: unknown Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2480 CREDAT:17410 /prefetch:2
Source: Window Recorder Window detected: More than 3 window changes detected