flash

Sample URL: https://docs.google.com/document/d/e/2PACX-1vRAHP7hrvpDz9KQUwv-UGYQwMoqaq4CogO-Ounm_Bj43rDT7FbutuHOxu--J36ilf9tiDQdTEuajLGO/pub

Status: finished
Submission Time: 11.06.2021 07:40:30
Classification: Malicious, Phishing, HTMLPhisher

Details

  • Analysis ID: 433028
  • API (Web) ID: 800637
  • Analysis Started: 11.06.2021 07:40:31
  • Analysis Finished: 11.06.2021 07:43:52
  • Technologies: (not listed)

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious (score 56/100)

IPs

IP               Country        Detection
142.250.180.225  United States  (none listed)
104.21.79.236    United States  (none listed)

142.250.180.225 is the address googlehosted.l.googleusercontent.com resolved to, i.e. Google content hosting reached while rendering the published document; it is not specific to this campaign. 104.21.79.236 is what funfid.com resolved to and falls in Cloudflare's 104.16.0.0/13 range, so it is a reverse-proxy front rather than the phishing origin server: block and hunt on the domain, not on this IP.

Domains

Name                                  IP               Detection
googlehosted.l.googleusercontent.com  142.250.180.225  (none listed)
funfid.com                            104.21.79.236    (none listed)
lh4.googleusercontent.com             0.0.0.0          (none listed)

0.0.0.0 for lh4.googleusercontent.com means the sandbox recorded no resolution for that name, not that it is an indicator. The two googleusercontent.com names are Google content hosting (images embedded in the published document); funfid.com is the only phishing-controlled domain in the report.

URLs

Name (the report's Detection column is empty for every entry)
https://funfid.com/.ae/en/NV6588123/
https://funfid.com/.ae/en/NV6588123/files/favicon.png
https://funfid.com/.ae/en/NV6588123/FPayTabs
https://funfid.com/.ae/en/NV6588123/unfid.com/.ae/en/&sa=D&source=editors&ust=1623393681163000&usg=A
https://funfid.com/.ae
https://funfid.com/.ae/en/&sa=D&source=editors&ust=1623393681163000&usg=AOvVaw1EVQHT19sUbqCGwqho_dPr
http://getbootstrap.com)
https://github.com/twbs/bootstrap/blob/master/LICENSE)
https://mci.gov.sa/
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
https://funfid.com/.ae/en/
https://www.paytabs.com/terms_conditions
https://funfid.com/.ae/en/&sa=D&source=editors&ust=1623393681163000&usg=AOvVaw1EVQHT19sUbRoot

How to read this list. The entries carrying &sa=D&source=editors&ust=...&usg=... are outbound links as Google Docs rewrites them in a published document, so the delivery chain is: published Google Doc (the submitted URL) -> https://funfid.com/.ae/en/ -> the landing page under /.ae/en/NV6588123/. The entries ending in ")" and the two github.com URLs come from the licence and attribution comments of the bundled stylesheets (the dropped bootstrap[1].css and the H5BP-derived CSS), not from the attacker's navigation. https://mci.gov.sa/ and https://www.paytabs.com/terms_conditions are legitimate sites the page links to for credibility (Saudi Ministry of Commerce; PayTabs payment-gateway terms). Taken together with the /FPayTabs path and the dropped assets below (Emirates Post logo, SADAD, Visa and Mastercard icons, loading_payment.gif), the landing page is a fake card-payment form branded as Emirates Post with a PayTabs-style checkout. The only host worth blocking from this list is funfid.com; the "/.ae/en/" directory layout on a .com domain is the lookalike for a UAE site.
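The URL list above is noisy: duplicates, Google Docs link-wrapper parameters glued onto paths, and stylesheet-comment artefacts. The following Python is an added example, not part of the sandbox report, that turns that column into a de-duplicated IOC set and a hunt regex. REPORT_URLS is copied verbatim from the table above; the clean-up rules, the THIRD_PARTY_HOSTS classification, the assumption that the NV6588123 token rotates per campaign, and the SAMPLE_PROXY_LOG lines are this example's own and are not from the report.

```python
"""Normalise the URL column of a sandbox report into a hunt-ready IOC set.

Added example, not part of the sandbox report. The REPORT_URLS list is copied
from the URL table; the clean-up rules, host classification and the
constructed proxy-log lines are this example's own assumptions.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed input: the URL column of the report, verbatim, duplicates included.
REPORT_URLS = [
    "https://funfid.com/.ae/en/NV6588123/",
    "https://funfid.com/.ae/en/NV6588123/files/favicon.png",
    "https://funfid.com/.ae/en/NV6588123/",
    "https://funfid.com/.ae/en/NV6588123/FPayTabs",
    "https://funfid.com/.ae/en/NV6588123/unfid.com/.ae/en/&sa=D&source=editors&ust=1623393681163000&usg=A",
    "https://funfid.com/.ae",
    "https://funfid.com/.ae/en/&sa=D&source=editors&ust=1623393681163000&usg=AOvVaw1EVQHT19sUbqCGwqho_dPr",
    "http://getbootstrap.com)",
    "https://github.com/twbs/bootstrap/blob/master/LICENSE)",
    "https://mci.gov.sa/",
    "https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css",
    "https://funfid.com/.ae/en/",
    "https://www.paytabs.com/terms_conditions",
    "https://funfid.com/.ae/en/&sa=D&source=editors&ust=1623393681163000&usg=AOvVaw1EVQHT19sUbRoot",
]

# Google Docs appends these parameters to every outbound href in a published
# document; their presence tells you the URL was harvested from the document,
# not from the phishing page itself.
GOOGLE_LINK_WRAPPER = "&sa=D&source=editors"

# Assumption of this example: hosts that appear only as credits or trust-building links.
THIRD_PARTY_HOSTS = {"getbootstrap.com", "github.com", "www.paytabs.com", "mci.gov.sa"}


def normalize(url):
    """Return (host, path, wrapped) for one report URL."""
    # A trailing ')' is an extraction artefact: the URL was lifted from a CSS
    # licence-header comment such as "(http://getbootstrap.com)".
    url = url.rstrip(")")
    wrapped = GOOGLE_LINK_WRAPPER in url
    if wrapped:
        # The wrapper was glued with '&' onto an href that had no query string,
        # so it lives inside the path; cut it off there.
        url = url[: url.index(GOOGLE_LINK_WRAPPER)]
    parts = urlsplit(url)
    return parts.netloc.lower(), parts.path or "/", wrapped


def build_ioc_set(urls):
    """Group distinct paths by host; count how many URLs carried the wrapper."""
    paths_by_host = defaultdict(set)
    wrapped_count = 0
    for url in urls:
        host, path, wrapped = normalize(url)
        paths_by_host[host].add(path)
        wrapped_count += wrapped
    return {h: sorted(p) for h, p in paths_by_host.items()}, wrapped_count


def phishing_hosts(paths_by_host):
    """Hosts left after removing the known third-party references."""
    return sorted(set(paths_by_host) - THIRD_PARTY_HOSTS)


def hunt_regex(paths):
    """Compile one regex from the observed paths, generalising every digit run
    (the NV6588123 token) to \\d+. Assumption: the operator rotates that token
    per campaign or per victim while keeping the directory layout."""
    alternatives = {re.sub(r"\d+", r"\\d+", re.escape(p)) for p in paths}
    # Longest first so a specific path wins over the bare "/.ae" prefix.
    return re.compile("|".join(sorted(alternatives, key=len, reverse=True)))


def hunt(paths, log_lines):
    """Return the log lines whose URL matches the generalised phishing paths."""
    pattern = hunt_regex(paths)
    return [line for line in log_lines if pattern.search(line)]


# Constructed proxy-log lines (not from the report) to show the hunt step.
SAMPLE_PROXY_LOG = [
    "2021-06-11T07:41:02Z user1 GET https://funfid.com/.ae/en/NV6588123/FPayTabs 200",
    "2021-06-11T08:15:44Z user2 GET https://funfid.com/.ae/en/NV7712045/ 200",
    "2021-06-11T08:16:01Z user2 GET https://www.paytabs.com/terms_conditions 200",
]

if __name__ == "__main__":
    iocs, wrapped = build_ioc_set(REPORT_URLS)
    for host in phishing_hosts(iocs):
        print(host, iocs[host])
    print("URLs harvested from the Google Doc:", wrapped)
    for hit in hunt(iocs["funfid.com"], SAMPLE_PROXY_LOG):
        print("HIT", hit)
```

Run as a script it prints funfid.com with its six distinct paths, reports that three of the fourteen URLs were harvested from the published document rather than the landing page, and flags the two constructed log lines that hit the /.ae/en/NV<digits>/ layout while leaving the legitimate paytabs.com request alone. The regex is deliberately path-only so it still fires if the same kit is redeployed on another domain.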

Dropped files

The hash and detection columns did not survive this export. The file-type column is a libmagic guess, which is why IE's compound-file recovery stores are labelled "Microsoft Word Document" and two stylesheets "assembler source"; do not treat those labels as evidence of a document or a binary payload. The two HTML files worth pulling are pub[1].htm (the published Google Doc that carries the link) and NV6588123[1].htm (the funfid.com landing page as cached by IE); kix-favicon7[1].ico is simply the Google Docs favicon.

Name
    File Type

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\NV6588123[1].htm
    HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A4953543-CA77-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A4953545-CA77-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A4953546-CA77-11EB-90EB-ECF4BBEA1588}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\4UaGrENHsxJlGDuGo1OIlL3Owpg[1].woff
    Web Open Font Format, TrueType, length 26228, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\favicon[1].ico
    MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\loading_payment[1].gif
    GIF image data, version 89a, 220 x 19
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\opensans[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\p1[1].png
    PNG image data, 50 x 32, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\pub[1].htm
    HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\sadad-en-2016[1].png
    PNG image data, 179 x 64, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\62617_1589791686[1].jpg
    [TIFF image data, big-endian, direntries=4], baseline, precision 8, 825x465, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\bootstrap[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\cards[1].png
    PNG image data, 79 x 16, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\css[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\custom[1].css
    assembler source, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\express-checkout[1].png
    PNG image data, 85 x 34, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\kix-favicon7[1].ico
    MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\emirates-post-group-1200px-logo[1].jpg
    JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x250, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\favicon[1].png
    PNG image data, 42 x 43, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\logo[1].png
    PNG image data, 123 x 33, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\master-card-icon[1].png
    PNG image data, 36 x 21, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\rotate-device[1].png
    PNG image data, 161 x 179, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\style[1].css
    assembler source, ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\url[1].htm
    HTML document, ASCII text, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\KFOmCnqEu92Fr1Mu4mxM[1].woff
    Web Open Font Format, TrueType, length 20332, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\credit-cards[1].png
    PNG image data, 112 x 21, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\css[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\p2[1].png
    PNG image data, 48 x 33, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\p3[1].png
    PNG image data, 27 x 41, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\visa-icon[1].png
    PNG image data, 58 x 18, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Temp\~DF1E12EB6036C3D8D3.TMP
    data
C:\Users\user\AppData\Local\Temp\~DF6D99441CB1FA02B4.TMP
    data
C:\Users\user\AppData\Local\Temp\~DFA5F3CD9D61D5BB31.TMP
    data