flash

https://217181.8b.io/

Status: finished
Submission Time: 13.01.2021 17:25:24
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    339210
  • API (Web) ID:
    580343
  • Analysis Started:
    13.01.2021 17:28:39
  • Analysis Finished:
    13.01.2021 17:32:47
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports
New

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
64/100

malicious

malicious

IPs

IP Country Detection
108.177.119.132
United States
5.188.108.191
Luxembourg
52.201.120.251
United States
Click to see the 2 hidden entries
104.24.105.39
United States
104.24.104.39
United States

Domains

Name IP Detection
app.8b.io
104.24.105.39
r.8b.io
104.24.104.39
proxy-8b-io-1762796164.us-east-1.elb.amazonaws.com
52.201.120.251
Click to see the 4 hidden entries
cdn-content.ampproject.org
108.177.119.132
boawd.com
5.188.108.191
217181.8b.io
0.0.0.0
cdn.ampproject.org
0.0.0.0

URLs

Name Detection
https://217181.8b.io/
https://boawd.com/cgi-inc/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=875dea8150642da2c39cd31a7e0474fda47bea7f8b87125553305f0662243590ed7af3d6
https://app.8b.io/app/themes/webamp/projects/agency/assets/images/logo.pngn
Click to see the 23 hidden entries
https://217181.8b.io/L
https://3p.ampproject.net
https://log.amp.dev/?v=012012301722000&id=
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
https://github.com/ampproject/amphtml/blob/master/spec/amp-iframe-origin-policy.md
https://boawd.com/cgi-L
https://cdn.ampproject.org/v0.js
https://cdn.ampproject.org
https://r.8b.io/217181/images/background5-h_kjv9je6u.jpg
https://mths.be/cssescape
https://boawd.com/cgi-inc/new/
https://us-central1-amp-error-reporting.cloudfunctions.net/r
https://boawd.com/cgi-
https://boawd.com/cgi-inc/new
https://8b.com
https://app.8b.io/app/themes/webamp/projects/agency/assets/images/logo.png
https://amp.dev/documentation/guides-and-tutorials/develop/style_and_layout/control_layout
https://217181.8b.io/
https://boawd.com/cgi-inc/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=875dea8150642da2c39cd3
http://github.com/janl/mustache.js
https://217181.8b.io/Root
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
https://us-central1-amp-error-reporting.cloudfunctions.net/r-beta

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\s[1].htm
HTML document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DDT7UALL\217181.8b[1].xml
ASCII text, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F464A1C8-5607-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#
Click to see the 22 hidden entries
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F464A1CA-5607-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F464A1CB-5607-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\amp-auto-lightbox-0.1[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\background5-h_kjv9je6u[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1446x1414, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\amp-intersection-observer-polyfill-0.1[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\logo[1].png
PNG image data, 150 x 150, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pdf[1].png
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\amp-analytics-0.1[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\new[1].htm
HTML document, ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\v0[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\AEU170SU.htm
HTML document, UTF-8 Unicode text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\amp-loader-0.1[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\amp-mustache-0.2[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\css[2].css
ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\logo[1].png
PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Temp\datE097.tmp
Web Open Font Format, TrueType, length 2532, version 2.24904
#
C:\Users\user\AppData\Local\Temp\~DF7A56E4C66E2E6546.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFB84486B6B75C1FAC.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFE8C735A3CF508A06.TMP
data
#