flash

https://securepay.mysellful.com/

Status: finished
Submission Time: 07.04.2021 22:15:35
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    383544
  • API (Web) ID:
    669239
  • Analysis Started:
    07.04.2021 22:21:36
  • Analysis Finished:
    07.04.2021 22:26:49
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious
Score: 64/100

IPs


Domains


URLs


Dropped files
