URL: | http://bitrix.company-dis.ru/pub/mail/click.php?tag=crm.eyJ1cm4iOiIxNjIzNTQtM0EwQ0lUIn0%3D&url=http%3A%2F%2Fsibneftegaz.company-dis.ru%2F&sign=d5dca7a290621196b1b4d9c2af12f3fb87b79f4435d66e67beddfa8e1a5db84d |
Full analysis: | https://app.any.run/tasks/ea0c0521-9b92-4aa9-a337-238fe1d97fff |
Verdict: | No threats detected |
Analysis date: | November 13, 2020, 10:10:56 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MD5: | 46B88ED8F0650B330027DA9DB9780CC3 |
SHA1: | D65E818A472C5936F9F084A6EF1DC935AE9E493C |
SHA256: | 98C66FDE963B4B096544C4050AD0F1D93D9D8A74BBE396E3F67327504681FA32 |
SSDEEP: | 6:CcP4uJTGOLV8GsYAZh8URHszmSB4w8U8AOSycDRT2o:JP1JTGOdsYAZhrsaSKodycZP |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2660 | "C:\Program Files\Internet Explorer\iexplore.exe" "http://bitrix.company-dis.ru/pub/mail/click.php?tag=crm.eyJ1cm4iOiIxNjIzNTQtM0EwQ0lUIn0%3D&url=http%3A%2F%2Fsibneftegaz.company-dis.ru%2F&sign=d5dca7a290621196b1b4d9c2af12f3fb87b79f4435d66e67beddfa8e1a5db84d" | C:\Program Files\Internet Explorer\iexplore.exe | explorer.exe | |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Internet Explorer Version: 11.00.9600.16428 (winblue_gdr.131013-1700) | ||||
2124 | "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2660 CREDAT:267521 /prefetch:2 | C:\Program Files\Internet Explorer\iexplore.exe | iexplore.exe | |
User: admin Company: Microsoft Corporation Integrity Level: LOW Description: Internet Explorer Version: 11.00.9600.16428 (winblue_gdr.131013-1700) |
PID | Process | Filename | Type | |
---|---|---|---|---|
2124 | iexplore.exe | C:\Users\admin\AppData\Local\Temp\Low\CabBB1A.tmp | — | |
MD5:— | SHA256:— | |||
2124 | iexplore.exe | C:\Users\admin\AppData\Local\Temp\Low\TarBB1B.tmp | — | |
MD5:— | SHA256:— | |||
2124 | iexplore.exe | C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\6FPV8ZFZ.txt | — | |
MD5:— | SHA256:— | |||
2660 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | — | |
MD5:— | SHA256:— | |||
2124 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\getServicePhoto[1].png | image | |
MD5:652D911DC455A1400A902BBC250B02CD | SHA256:5843BAE9BF6DE0417F25A65A4F24FEDEC2E33E6D9A0569755B500341AA03753D | |||
2124 | iexplore.exe | C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\3PKAMIE1.txt | text | |
MD5:F69BC5F2541834BF4A9E4C2E6558CA81 | SHA256:CA15FA4AD0E0EF356E481AE976F26FA2A62CF39E56743547B4B602B404E5C2DA | |||
2124 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DY534W2X\EQEP4UQ0.htm | html | |
MD5:661E1E9A600D58E05B88FD3A1451B4F6 | SHA256:3702520554D07079DCB00E6D59C91179724851790116467E4B46E0BDE12A2A55 | |||
2124 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E49827401028F7A0F97B5576C77A26CB_7CE95D8DCA26FE957E7BD7D76F353B08 | der | |
MD5:A69FBA04D9B13E82FB772D1B38B6054A | SHA256:733D04F9D9E1FDF85914F097CCA3F8BFB3926C38A7CCF69E7C74D887ABBC64FF | |||
2124 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E49827401028F7A0F97B5576C77A26CB_7CE95D8DCA26FE957E7BD7D76F353B08 | binary | |
MD5:902B9844C62FD27F8E15361FFEDD5AC7 | SHA256:0A9BBFEBFB48C7E8C48A0A00012B6EA92FDC7ED74DD1F17A13D3BDFC9EA0088F | |||
2124 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\79536FE52AF7031889AE09FD5528EB08 | binary | |
MD5:FCCEE3C684476F6D19AD560DA3778511 | SHA256:DB4DA1781BF4E50A0F6C501B0808119E2402B1036846319E9CF8D70FA432D8B3 |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
2124 | iexplore.exe | GET | 200 | 91.221.70.195:80 | http://sibneftegaz.company-dis.ru/getServicePhoto?path=logo_dis.png | RU | image | 6.22 Kb | unknown |
2124 | iexplore.exe | GET | 200 | 2.16.186.11:80 | http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgTufp6JPhMvBH%2FPmy7q6EO%2FxQ%3D%3D | unknown | der | 527 b | whitelisted |
2124 | iexplore.exe | GET | 200 | 91.221.70.195:80 | http://sibneftegaz.company-dis.ru/js/jquery-1.4.2.min.js | RU | text | 70.4 Kb | unknown |
2124 | iexplore.exe | GET | 200 | 2.16.186.35:80 | http://isrg.trustid.ocsp.identrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRv9GhNQxLSSGKBnMArPUcsHYovpgQUxKexpHsscfrb4UuQdf%2FEFWCFiRACEAoBQUIAAAFThXNqC4Xspwg%3D | unknown | der | 1.36 Kb | whitelisted |
2124 | iexplore.exe | GET | 200 | 91.221.70.195:80 | http://sibneftegaz.company-dis.ru/images/icon_help.png | RU | image | 3.00 Kb | unknown |
2124 | iexplore.exe | GET | 200 | 91.221.70.195:80 | http://sibneftegaz.company-dis.ru/ | RU | html | 14.1 Kb | unknown |
2660 | iexplore.exe | GET | 200 | 93.184.220.29:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8sEMlbBsCTf7jUSfg%2BhWk%3D | US | der | 1.47 Kb | whitelisted |
2124 | iexplore.exe | GET | 200 | 91.221.70.195:80 | http://sibneftegaz.company-dis.ru/images/icon_kassist.png | RU | image | 3.20 Kb | unknown |
2660 | iexplore.exe | GET | 200 | 204.79.197.200:80 | http://www.bing.com/favicon.ico | US | image | 237 b | whitelisted |
2124 | iexplore.exe | GET | 307 | 91.221.70.195:80 | http://sibneftegaz.company-dis.ru/~checkCookieAvailability?rnd=2857953434&backurl=%2F | RU | binary | 20 b | unknown |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
— | — | 2.16.186.35:80 | isrg.trustid.ocsp.identrust.com | Akamai International B.V. | — | whitelisted |
2124 | iexplore.exe | 91.221.70.209:80 | bitrix.company-dis.ru | The Center of Dedicated Servers LLC | RU | unknown |
2660 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
— | — | 2.16.186.11:80 | isrg.trustid.ocsp.identrust.com | Akamai International B.V. | — | whitelisted |
2124 | iexplore.exe | 91.221.70.209:443 | bitrix.company-dis.ru | The Center of Dedicated Servers LLC | RU | unknown |
2124 | iexplore.exe | 91.221.70.195:80 | sibneftegaz.company-dis.ru | The Center of Dedicated Servers LLC | RU | unknown |
2660 | iexplore.exe | 91.221.70.195:80 | sibneftegaz.company-dis.ru | The Center of Dedicated Servers LLC | RU | unknown |
2660 | iexplore.exe | 152.199.19.161:443 | iecvlist.microsoft.com | MCI Communications Services, Inc. d/b/a Verizon Business | US | whitelisted |
2660 | iexplore.exe | 93.184.220.29:80 | ocsp.digicert.com | MCI Communications Services, Inc. d/b/a Verizon Business | US | whitelisted |
Domain | IP | Reputation |
---|---|---|
bitrix.company-dis.ru | | unknown |
isrg.trustid.ocsp.identrust.com | | whitelisted |
api.bing.com | | whitelisted |
www.bing.com | | whitelisted |
ocsp.int-x3.letsencrypt.org | | whitelisted |
sibneftegaz.company-dis.ru | | unknown |
iecvlist.microsoft.com | | whitelisted |
r20swj13mr.microsoft.com | | whitelisted |
ocsp.digicert.com | | whitelisted |