flash

https://dietsuburb.com/dGh1eUBjbGVhcnRlY2htZWRpYS5jb20

Status: finished
Submission Time: 16.10.2020 22:17:25
Verdict: Malicious
Classification: Phishing, HTMLPhisher

Details

  • Analysis ID:
    299532
  • API (Web) ID:
    494164
  • Analysis Started:
    16.10.2020 22:17:26
  • Analysis Finished:
    16.10.2020 22:21:02

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious
Score: 80/100
IPs

IP               Country        Detection
27.121.64.153    Australia
188.119.149.71   Netherlands

Domains

Name               IP               Detection
dietsuburb.com     188.119.149.71
ozscaping.com      27.121.64.153
cdn.onenote.net    0.0.0.0

URLs

URL (detection column is empty in the report; several entries are truncated as extracted)

https://ozscaping.com/?ss=2&ea=thuy@cleartechmedia.com&session=14ef694f925d441f3ecd8b81a74e40f014ef694f925d441f3ecd8b81a74e40f0
https://ozscaping.com/
https://ozscaping.com/next.php?ss=2cleartechmedia.com&session=14ef694f925d441f3ecd8b81a74e40f014ef69
https://ozscaping.com/next.php?ss=2
https://ozscaping.com/next.php?ss=2
https://next.php?ss=2cleartechmedia.com&session=14ef694f925d441f3ecd8b81a74e40f014ef694f925d441f3ecd
https://ozscaping.com/files2/favicon.ico
https://ozscaping.com/files2/favicon.ico~(
https://ozscaping.com/?ss=2&ea=thuy
https://ozscaping.com/xt.php?ss=2cleartechmedia.com&session=14ef694f925d441f3ecd8b81a74e40f014ef694f
https://ozscaping.com/
https://xt.php?ss=2cleartechmedia.com&session=14ef694f925d441f3ecd8b81a74e40f014ef694f925d441f3ecd8b
https://ozscaping.com/files2/favicon.ico~
https://ozscaping.com/files/favicon.ico
https://ozscaping.com/files/favicon.ico~(
https://signup.live.com/signup.aspx?wa=wsignin1.0&rpsnv=13&ct=1506073308&rver=6.7.6640.0
https://ozscaping.com/files/favicon.ico~
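The submitted URL ends in a base64 path segment (dGh1eUBjbGVhcnRlY2htZWRpYS5jb20) that decodes to the same address the ozscaping.com landing page receives in its ea= query parameter, so the redirector on dietsuburb.com is pre-selecting the victim for the credential form on ozscaping.com. The script below is an added example (not part of the sandbox report or of either site's code) that decodes such a path segment, pulls ea= and session= from the landing URL, and confirms the two refer to the same target; the two URL constants are copied from this report, and the function names are the author's own choices.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit, parse_qs

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Copied from this report: the submitted URL and the first ozscaping.com landing URL.
SUBMITTED_URL = "https://dietsuburb.com/dGh1eUBjbGVhcnRlY2htZWRpYS5jb20"
LANDING_URL = ("https://ozscaping.com/?ss=2&ea=thuy@cleartechmedia.com"
               "&session=14ef694f925d441f3ecd8b81a74e40f014ef694f925d441f3ecd8b81a74e40f0")


def decode_b64_segment(segment: str):
    """Return the decoded text if `segment` is (url-safe or standard) base64
    that decodes to printable ASCII, else None. Padding is re-added because
    phishing links usually drop the trailing '='."""
    padded = segment + "=" * (-len(segment) % 4)
    for decoder in (base64.urlsafe_b64decode, base64.b64decode):
        try:
            raw = decoder(padded)
        except (binascii.Error, ValueError):
            continue
        try:
            text = raw.decode("ascii")
        except UnicodeDecodeError:
            continue
        if text.isprintable():
            return text
    return None


def victim_from_path(url: str):
    """Redirectors in this kind of campaign carry the target's e-mail address
    as a base64 path segment; return it when the last segment decodes to one."""
    path = urlsplit(url).path.rstrip("/")
    last = path.rsplit("/", 1)[-1]
    if not last:
        return None
    text = decode_b64_segment(last)
    if text and EMAIL_RE.match(text):
        return text
    return None


def landing_params(url: str):
    """Pull the prefilled address and the session token out of the lure's query string."""
    qs = parse_qs(urlsplit(url).query)
    return {
        "ea": qs.get("ea", [None])[0],
        "session": qs.get("session", [None])[0],
    }


def correlate(submitted: str, landing: str):
    """Check that the address hidden in the redirector path is the one the lure
    pre-fills; a match ties the two hosts to one campaign and one target."""
    victim = victim_from_path(submitted)
    params = landing_params(landing)
    return {
        "victim": victim,
        "prefilled": params["ea"],
        "session": params["session"],
        "same_target": victim is not None and victim == params["ea"],
    }


if __name__ == "__main__":
    print(correlate(SUBMITTED_URL, LANDING_URL))
```

The same `victim_from_path` check works as a cheap triage rule on proxy or mail-gateway URL logs: a path segment that base64-decodes to an e-mail address is rarely legitimate and almost always a personalised phishing redirector. Bare hostnames or PHP endpoints such as `https://ozscaping.com/next.php?ss=2` do not decode and are left alone.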

Dropped files

Path, with the file type reported by the sandbox (hashes and detection columns are empty in the report)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\8D9FYCP1.htm
    HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{277A529A-1038-11EB-90E4-ECF4BB862DED}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{277A529C-1038-11EB-90E4-ECF4BB862DED}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3144188B-1038-11EB-90E4-ECF4BB862DED}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Converged1033[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ErrorPageTemplate[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\bullet[1]
    PNG image data, 15 x 15, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\logo3[1].png
    PNG image data, 342 x 72, 4-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\microsoft_logo[1].svg
    SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\next[1].htm
    HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\0-small[1].jpg
    [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 50x28, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\0[1].jpg
    [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 1920x1080, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\favicon[1].ico
    MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\info_48[1]
    PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\0-small[1].jpg
    [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 50x28, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\arrow_left[1].png
    PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\down[1]
    PNG image data, 15 x 15, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\errorPageStrings[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\quest[1].png
    PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Converged1033[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\background_gradient[1]
    JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\favicon[2].ico
    MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\httpErrorPagesScripts[1]
    UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\http_404[1]
    HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\load2[1].gif
    GIF image data, version 89a, 352 x 3
C:\Users\user\AppData\Local\Temp\~DFB685BCB3584D00FE.TMP
    data
C:\Users\user\AppData\Local\Temp\~DFE60736F312D029D3.TMP
    data
C:\Users\user\AppData\Local\Temp\~DFE665840DF2B2B19C.TMP
    data