URL: | http://www.digitalcitizen.life |
Full analysis: | https://app.any.run/tasks/52d305f7-9d53-46e3-8167-f8fea57dd1b4 |
Verdict: | No threats detected |
Analysis date: | January 07, 2020, 01:49:44 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MD5: | 4FEFA939EAE4D08639853F7065616734 |
SHA1: | CD37CE4BE7101BBB98AAA58A16B5CC885D92FC3C |
SHA256: | 9D983C373594D86E8BEEA0B9708CC52F23D47F1AC95117D680EC1039F1A4B222 |
SSDEEP: | 3:N1KJS4XxRfLuc:Cc4njuc |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2608 | "C:\Program Files\Internet Explorer\iexplore.exe" "http://www.digitalcitizen.life" | C:\Program Files\Internet Explorer\iexplore.exe | explorer.exe | |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Internet Explorer Version: 8.00.7600.16385 (win7_rtm.090713-1255) | ||||
3708 | "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2608 CREDAT:71937 | C:\Program Files\Internet Explorer\iexplore.exe | iexplore.exe | |
User: admin Company: Microsoft Corporation Integrity Level: LOW Description: Internet Explorer Version: 8.00.7600.16385 (win7_rtm.090713-1255) |
PID | Process | Filename | Type | |
---|---|---|---|---|
2608 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\favicon[1].ico | — | |
MD5:— | SHA256:— | |||
2608 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | — | |
MD5:— | SHA256:— | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\37I5VJRY\digitalcitizen_life[1].txt | — | |
MD5:— | SHA256:— | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat | dat | |
MD5:E13ED1600BDD13F01F447D6559203B81 | SHA256:2B85EC223765BB67EFBC472D6BFBD8599C3F1649963969E260ED7143A78D65A5 | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat | dat | |
MD5:C6ADD6AA89F4DD895A46C70EC124A4E1 | SHA256:B31D51546F095E32B32E29EE6EE1143697DC1EA3CEA9C795CF1E1DFBB38470F0 | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\37I5VJRY\expandable-tabs[1].css | text | |
MD5:85E2AF81BF48682C975CF8F5CC38DD4A | SHA256:7B44A838B4BA0DF2607AB626060591AD1955623A3C3F0D1C79233C3EC9D78359 | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N43OPPUA\amp-user-notification-0.1[1].js | text | |
MD5:57DA9CCEAF44980235F895C8C7FCF8A4 | SHA256:654B0C95AB4BE9A7B3BF97B3E674C95B4880B5A9D643C6E55F8EB134B916FA7F | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@digitalcitizen[1].txt | text | |
MD5:D12F8BF98E4909CC2D779A323B437AE0 | SHA256:A252AE05DCC5BA77B958C08BEB12B6D8E5C7CFFFD82ECDEA6FA7A115887B498E | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ALNH8NNG\css_M5VRE_snNUSoENZrXxdOHaqXJML4qlOBKzywU_C0OX4[1].css | text | |
MD5:3C53C834F07FA110C107A2188EA89C75 | SHA256:FCDB236403256DA903F3AD8A7791B9D44F71F4A03040CDA22E26B7EC9D7D831C | |||
3708 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\37I5VJRY\productivity[1].txt | — | |
MD5:— | SHA256:— |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
3708 | iexplore.exe | GET | 301 | 104.26.12.188:80 | http://www.digitalcitizen.life/ | US | html | 240 b | malicious |
2608 | iexplore.exe | GET | 200 | 204.79.197.200:80 | http://www.bing.com/favicon.ico | US | image | 237 b | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
2608 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
3708 | iexplore.exe | 216.58.207.33:443 | cdn.ampproject.org | Google Inc. | US | whitelisted |
3708 | iexplore.exe | 104.26.12.188:443 | www.digitalcitizen.life | Cloudflare Inc | US | malicious |
— | — | 104.26.12.188:443 | www.digitalcitizen.life | Cloudflare Inc | US | malicious |
3708 | iexplore.exe | 104.26.12.188:80 | www.digitalcitizen.life | Cloudflare Inc | US | malicious |
Domain | IP | Reputation |
---|---|---|
www.digitalcitizen.life |
| malicious |
www.bing.com |
| whitelisted |
cdn.ampproject.org |
| whitelisted |
PID | Process | Class | Message |
---|---|---|---|
— | — | Potentially Bad Traffic | ET INFO Observed DNS Query to .life TLD |
3708 | iexplore.exe | Potentially Bad Traffic | ET INFO HTTP Request to Suspicious *.life Domain |