http://rwiqipwvnklaqkuu.ltiliqhting.com/asci/SmFjcXVlbGluZS5TY2hyYWRlckByYWJvYmFuay5jb20=

Status: finished
Submission Time: 20.11.2020 17:59:07
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID: 321258
  • API (Web) ID: 544321
  • Analysis Started: 20.11.2020 17:59:07
  • Analysis Finished: 20.11.2020 18:02:10

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
72/100

IPs

IP | Country
198.54.120.245 | United States
168.62.48.44 | United States
152.199.23.72 | United States

Domains

Name | IP
daabaaru.com | 198.54.120.245
cs1025.wpc.upsiloncdn.net | 152.199.23.72
rwiqipwvnklaqkuu.ltiliqhting.com | 168.62.48.44
aadcdn.msauthimages.net | 0.0.0.0

Dropped files

Name | File Type
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\myp0dplr1edpvg99v613ua80[1].htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3E7062E6-2B9D-11EB-90E4-ECF4BB862DED}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3E7062E8-2B9D-11EB-90E4-ECF4BB862DED}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{482E3D4B-2B9D-11EB-90E4-ECF4BB862DED}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat | data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\arrow[1].svg | SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\login[1].css | ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\white_ellipsis[1].svg | SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bannerlogo[1] | PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\favicon[1].ico | MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\illustration[1] | PNG image data, 497 x 280, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\SmFjcXVlbGluZS5TY2hyYWRlckByYWJvYmFuay5jb20=[1].htm | HTML document, ASCII text
C:\Users\user\AppData\Local\Temp\~DF8164221878F877A2.TMP | data
C:\Users\user\AppData\Local\Temp\~DFCA8D72B327600857.TMP | data
C:\Users\user\AppData\Local\Temp\~DFF5D05630EB173D68.TMP | data