download: | index.html |
Full analysis: | https://app.any.run/tasks/7c97695b-a49b-4b40-8302-e0504629f684 |
Verdict: | Malicious activity |
Analysis date: | July 11, 2019, 12:59:27 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | text/html |
File info: | HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators |
MD5: | E5808FD7F8E8C3BF08009E9D7D5AF6A7 |
SHA1: | 730C65EB1B5B6A177C7E99441E2006B27620A3CA |
SHA256: | 21FF6CA3191AD68E3CDEF5A37C7C80FC8626901D303C6453CE58247D261DD206 |
SSDEEP: | 1536:RmatWOMTe1Z4g5RcxoIt7KBG9LVK/RWQF0mCVk+Wd+zfDIl5lYlSdRwbcjp1UiEz:Mat4asg5RcxoI3NQ8 |
.htm/html | | | HyperText Markup Language with DOCTYPE (80.6) |
---|---|---|
.html | | | HyperText Markup Language (19.3) |
msapplicationTileImage: | https://www.monstersandcritics.com/wp-content/uploads/2019/05/cropped-monsters-critics-favicon-270x270.png |
---|---|
googleSiteVerification: | W0V7_Td7mscUYxsJwzRBhIxHF4JB2PnzdGVKDImP54o |
pDomain_verify: | 9abcc0658f1dd4ad8d86a2c33eba0388 |
yandexVerification: | 6815810b2d0860d5 |
msvalidate01: | FC5F72F19A1E2E2C7CBE2DD4BE5D8177 |
Description: | Entertainment news — TV, celebrity, anime, soap operas, true crime, movies, sport, music and more. Visit Monsters and Critics for all the latest! |
Title: | Monsters and Critics - Entertainment news |
viewport: | width=device-width, initial-scale=1 |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3220 | "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\admin\AppData\Local\Temp\index.html | C:\Program Files\Internet Explorer\iexplore.exe | explorer.exe | |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Internet Explorer Version: 8.00.7600.16385 (win7_rtm.090713-1255) | ||||
3640 | "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:3220 CREDAT:79873 | C:\Program Files\Internet Explorer\iexplore.exe | iexplore.exe | |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Internet Explorer Version: 8.00.7600.16385 (win7_rtm.090713-1255) |
PID | Process | Filename | Type | |
---|---|---|---|---|
3220 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGRR2OYX\favicon[1].ico | — | |
MD5:— | SHA256:— | |||
3220 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | — | |
MD5:— | SHA256:— | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\The-Flash-Killer-Frost-500x280[1].jpg | image | |
MD5:D6C14203EBB0E71B4D6FE302B83E7F0C | SHA256:342211CB350AFEF63B0CB5BE107D5962D1557E7422E66DB7C94EF6BC7CE1AB2A | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\Jack-And-Analyse-On-BB21-500x280[1].jpg | image | |
MD5:8B3C9FC00B6D11A589821C63C51E9BA8 | SHA256:4DB4C0FFAF2FC1779F01C71DA807C5CD5D37BC7908B2C1B84FB602083575CDFC | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\style[1].css | text | |
MD5:5C74F607A2DC59FA17751484BE46FA23 | SHA256:EAE99A45FBB7145ECD74293033610AFFA49CACDB7E75D2CC6BFDA0C98DBF85E7 | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\Angela-And-Tyler-On-BB20-1000x562[1].jpg | image | |
MD5:A092E3C6F9B6FAB2EF9D8E124A704967 | SHA256:0CE743EABC31A1864598EDED69781AADFF228E5F7A35CBA28BD411F03D5268E9 | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\saswp-style[1].css | text | |
MD5:E222A88D73A0FDC591275F481B0F690A | SHA256:D969F26EFFA83C8DD142A2DC99BC87431FEB50C571BF6C080EC66062508D0038 | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\Tyler-Crispen-On-BB20-500x280[1].jpg | image | |
MD5:9939031920A86F7B062B7DD7DA01AEF1 | SHA256:98C8DDF98FFC7246D2DB2DA2CD0CAF5944790DE80241E8FBF5943F64C3155578 | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\Jill-YR-500x280[1].jpg | image | |
MD5:97F786E12255376C2AE1D555EBDA7199 | SHA256:7414B8210E37102713767FCF0F422B116D2F8B8BD79E1BCE684E0EA9C6F26672 | |||
3640 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\cv[1].css | text | |
MD5:81192634D2323AA8582B7B7EF4B1AE09 | SHA256:125627D7101989249074FAC34B64348E685B31E1D9E6551ADCAC929A592800B7 |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
3220 | iexplore.exe | GET | 200 | 13.107.21.200:80 | http://www.bing.com/favicon.ico | US | image | 237 b | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
— | — | 151.139.128.10:137 | cdn.intergi.com | Highwinds Network Group, Inc. | US | malicious |
3640 | iexplore.exe | 151.139.237.11:443 | cdn.rawgit.com | netDNA | US | suspicious |
4 | System | 151.139.128.10:445 | cdn.intergi.com | Highwinds Network Group, Inc. | US | malicious |
3220 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
3220 | iexplore.exe | 13.107.21.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
3640 | iexplore.exe | 104.27.171.84:443 | www.monstersandcritics.com | Cloudflare Inc | US | shared |
3640 | iexplore.exe | 104.27.170.84:443 | www.monstersandcritics.com | Cloudflare Inc | US | shared |
Domain | IP | Reputation |
---|---|---|
cdn.rawgit.com | | whitelisted |
www.monstersandcritics.com | | suspicious |
cdn.intergi.com | | whitelisted |
www.bing.com | | whitelisted |