https://sparkasse.corona-umstellungsverfahren-de.com/ALC81OPACG

Status: finished
Submission Time: 24.06.2021 13:17:38
Malicious

Details

  • Analysis ID: 439815
  • API (Web) ID: 807404
  • Analysis Started: 24.06.2021 13:17:39
  • Analysis Finished: 24.06.2021 13:23:28

System: Virtual Machine, High Sierra (Office 2016 v16.16, Java 11.0.2+9, Adobe Reader 2019.010.20099)

malicious
48/100

malicious
8/88

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection
https://sparkasse.corona-umstellungsverfahren-de.com/ALC81OPACG

Dropped files

Name File Type Hashes Detection
/Users/berri/Library/Safari/.dat.nosync0210.8kfcUv
Apple binary property list
/Users/berri/Library/Safari/.dat.nosync0210.bKXvUw
XML 1.0 document, ASCII text
/Users/berri/Library/Safari/Favicon Cache/favicons/.dat.nosync0210.t7NkvP
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced, 32 bits/pixel, 128x128, 32 bits/pixel
/dev/null
ASCII text
/private/var/folders/ql/8wfqxrtx52n95h35b6cz4nyw0000gn/0/SafariFamily/Safari/.dat.nosync0210.Is8mxg
Apple binary property list
/private/var/folders/ql/8wfqxrtx52n95h35b6cz4nyw0000gn/C/mds/mdsDirectory.db_
Mac OS X Keychain File
/private/var/folders/ql/8wfqxrtx52n95h35b6cz4nyw0000gn/C/mds/mdsObject.db_
Mac OS X Keychain File