flash

https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php

Status: finished
Submission Time: 23.09.2020 23:35:50
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    289327
  • API (Web) ID:
    473763
  • Analysis Started:
    23.09.2020 23:35:50
  • Analysis Finished:
    23.09.2020 23:39:46
  • Technologies:
Full Report Management Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
92/100

malicious
10/80

malicious

malicious

IPs

IP Country Detection
173.82.115.103
United States
151.101.12.193
United States
152.199.23.37
United States
Click to see the 2 hidden entries
151.139.128.8
United States
104.17.79.107
United States

Domains

Name IP Detection
kit-free.fontawesome.com
151.139.128.8
cs1100.wpc.omegacdn.net
152.199.23.37
cyttatesful.com
173.82.115.103
Click to see the 6 hidden entries
cdnjs.cloudflare.com
104.17.79.107
kit.fontawesome.com
151.139.128.8
ipv4.imgur.map.fastly.net
151.101.12.193
code.jquery.com
0.0.0.0
aadcdn.msftauth.net
0.0.0.0
i.imgur.com
0.0.0.0

URLs

Name Detection
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.phpRoot
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php$Sign
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php
Click to see the 46 hidden entries
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php
https://jqueryvalidation.org/valid/
https://html.spec.whatwg.org/multipage/forms.html#valid-e-mail-address
https://jqueryvalidation.org/Validator.showErrors/
https://kit.fontawesome.com/7cd4d97275.js
https://jqueryvalidation.org/required-method/
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
https://jqueryvalidation.org/min-method/
https://jqueryvalidation.org/equalTo-method/
https://jqueryvalidation.org/filled-selector/
https://jqueryvalidation.org/Validator.element/
https://api.jquery.com/category/selectors/
https://jqueryvalidation.org/
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
https://i.imgur.com/I4Qd9nH.jpg);
https://jqueryvalidation.org/number-method/
https://code.jquery.com/jquery-3.1.1.min.js
https://jqueryvalidation.org/range-method/
https://jqueryvalidation.org/jQuery.validator.format/
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.js
https://jqueryvalidation.org/email-method/
https://jqueryvalidation.org/minlength-method/
https://jqueryvalidation.org/unchecked-selector/
https://jqueryvalidation.org/Validator.form/
https://i.imgur.com/eDXfU9D.png
https://jqueryvalidation.org/url-method/
https://jqueryvalidation.org/validate/
https://jqueryvalidation.org/jQuery.validator.setDefaults/
https://jqueryvalidation.org/rangelength-method/
https://jqueryvalidation.org/maxlength-method/
https://jqueryvalidation.org/step-method/
https://gist.github.com/dperini/729294
https://jqueryvalidation.org/rules/
https://jqueryvalidation.org/digits-method/
https://jqueryvalidation.org/max-method/
https://kit-free.fontawesome.com
https://jqueryvalidation.org/dateISO-method/
https://jqueryvalidation.org/blank-selector/
https://jqueryvalidation.org/remote-method/
https://jqueryvalidation.org/jQuery.validator.addMethod/
https://jqueryvalidation.org/date-method/
https://mathiasbynens.be/demo/url-regex
https://jqueryvalidation.org/Validator.resetForm/
https://jqueryvalidation.org/jQuery.validator.methods/

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\owa[1].htm
HTML document, ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4BDD8E49-FE30-11EA-90E3-ECF4BB2D2496}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4BDD8E4B-FE30-11EA-90E3-ECF4BB2D2496}.dat
Microsoft Word Document
#
Click to see the 15 hidden entries
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{537F4005-FE30-11EA-90E3-ECF4BB2D2496}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\I4Qd9nH[1].jpg
JPEG image data, baseline, precision 8, 1920x1080, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\jquery.validate[1].js
UTF-8 Unicode text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\mem8YaGs126MiZpBA-UFVZ0d[1].woff
Web Open Font Format, TrueType, length 18100, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\eDXfU9D[1].png
PNG image data, 342 x 72, 4-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\jquery-3.1.1.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\7cd4d97275[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\free.min[1].js
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Temp\~DF69A9FF2500C45DEE.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF915E641A080D6276.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFA08C4EE0DFD22D3F.TMP
data
#