download: | coupons |
Full analysis: | https://app.any.run/tasks/a1bb4340-9a57-4f6c-a85c-0ba67c4712fb |
Verdict: | Malicious activity |
Analysis date: | January 18, 2020, 02:07:10 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | text/html |
File info: | HTML document, ASCII text, with very long lines |
MD5: | F52754B499D4F3984CA9ECC615158261 |
SHA1: | 5334A76D5066D5226F5A3185304DB95B6596CE3E |
SHA256: | 43C26C604AAD35E49E9FA8C4FCDD54F96E4DF49970BF2D1D95E354EEC3EC5F4A |
SSDEEP: | 3072:K1KFMRp2bTY6+/HNGbsxU47QjONEq5R5GHIP5dxIMPR:WKFMRp2bTY6+/HNGbsxU47lNEq5R5GH2 |
.html | HyperText Markup Language (100) |
HTTPEquivXUACompatible: | IE=edge,chrome=1,requiresActiveX=true |
Title: | Printable Coupons, Grocery & Coupon Codes | Coupons.com |
Robots: | noodp |
Description: | Save money on hundreds of brands in store or online with Coupons.com. Find printable coupons for grocery and top brands. Get verified coupon codes daily. |
PID | CMD | Path | Indicators | Parent process | User | Company | Integrity Level | Description | Version |
---|---|---|---|---|---|---|---|---|---|
2108 | "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\admin\AppData\Local\Temp\coupons.html | C:\Program Files\Internet Explorer\iexplore.exe | | explorer.exe | admin | Microsoft Corporation | MEDIUM | Internet Explorer | 8.00.7600.16385 (win7_rtm.090713-1255) |
2412 | "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2108 CREDAT:79873 | C:\Program Files\Internet Explorer\iexplore.exe | | iexplore.exe | admin | Microsoft Corporation | MEDIUM | Internet Explorer | 8.00.7600.16385 (win7_rtm.090713-1255) |
PID | Process | Filename | Type | MD5 | SHA256 |
---|---|---|---|---|---|
2108 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\favicon[1].ico | — | — | — |
2108 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | — | — | — |
2412 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\household[1].png | image | 88974851C7478ADA1B62BB873EEA26FB | D99262E002AD0993382AD9CDBE2AE0A538FE9C82C196B5B0D15F18A1047EBC22 |
2412 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\Healthcare[1].png | image | 62C38CFBA9A905B6FFFB89579F614ADD | 3742E5A93EAA6DE8DFFD15B9DEEE688615E4AC3DB71722D1AE2701B40A0A1F68 |
2412 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6QNMHE9\foods[1].png | image | DC75FD67AE305049C09EF22635C472DE | 4F0D977824B4A2476D164CE67989F8A6BF7FF195A464B0A43D28E695F475FA13 |
2412 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\baby[1].png | image | 844DC495DA34B693EDDC13BAA8972A06 | 54AC40542C66B54D018392CD40871384B381B86971E04A17FA0927CDA5352E4B |
2412 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\personal_care[1].png | image | B74C9C6FA0C258F72A610511BE0E471A | 36F8DDE86D0339E283EF985F642E52EB970B040839896312F62FC7D75A0601BB |
2412 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGRR2OYX\beverages[1].png | image | 6187062EDE57132E1EB7755D0A94077B | 818F2BBE23BC32E857CAFA899A8622FB2144DBC20959C9293065860371EF76D6 |
2108 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\favicon[1].png | image | 9FB559A691078558E77D6848202F6541 | 6D8A01DC7647BC218D003B58FE04049E24A9359900B7E0CEBAE76EDF85B8B914 |
2412 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\ns[1].html | html | 503957084B1A48219ECF52A5B81CA4CD | 1508490E2A7F3949D866CE8F032895224C55A02EB24F9ADA50C7CB79A4C887C8 |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
2108 | iexplore.exe | GET | 200 | 204.79.197.200:80 | http://www.bing.com/favicon.ico | US | image | 237 b | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
2108 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
— | — | 2.19.35.64:137 | cdn.cpnscdn.com | Akamai International B.V. | — | whitelisted |
4 | System | 104.111.231.89:445 | s.btstatic.com | Akamai International B.V. | NL | unknown |
2412 | iexplore.exe | 2.19.35.64:443 | cdn.cpnscdn.com | Akamai International B.V. | — | whitelisted |
4 | System | 2.19.35.64:445 | cdn.cpnscdn.com | Akamai International B.V. | — | whitelisted |
— | — | 184.31.87.106:137 | www.coupons.com | Akamai International B.V. | NL | whitelisted |
4 | System | 184.31.87.106:445 | www.coupons.com | Akamai International B.V. | NL | whitelisted |
— | — | 104.111.231.89:137 | s.btstatic.com | Akamai International B.V. | NL | unknown |
2412 | iexplore.exe | 172.217.18.168:443 | www.googletagmanager.com | Google Inc. | US | whitelisted |
Domain | IP | Reputation |
---|---|---|
cdn.cpnscdn.com | | unknown |
www.bing.com | | whitelisted |
www.googletagmanager.com | | whitelisted |
www.coupons.com | | whitelisted |
s.btstatic.com | | whitelisted |