https://abundant-chivalrous-hedgehog.glitch.me/

Status: finished
Submission Time: 22.02.2021 16:30:55
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID: 356142
  • API (Web) ID: 614263
  • Analysis Started: 22.02.2021 16:30:55
  • Analysis Finished: 22.02.2021 16:34:00
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
56/100

IPs

IP Country Detection
52.22.118.126 United States
104.16.18.94 United States

Domains


URLs


Dropped files
