Field | Value
---|---
URL | https://dukemychart.org
Full analysis | https://app.any.run/tasks/7878da61-63c9-4871-803d-eb711446c5f0
Verdict | No threats detected
Analysis date | September 10, 2020, 14:06:39
OS | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators | —
MD5 | F2A1A31310B4BA310A1269E973EDBCF3
SHA1 | 26289B392BCC0BE1F61F8199F238329F15051C98
SHA256 | C233D6803FC174C8D7691A3B7B7C46F6A6E0F76FD78EA717648CBDC81F6D0589
SSDEEP | 3:N8IQcv4S:2IJv4S

PID | CMD | Path | Indicators | Parent process | User | Integrity Level | Company | Description | Version
---|---|---|---|---|---|---|---|---|---
3972 | "C:\Program Files\Internet Explorer\iexplore.exe" "https://dukemychart.org" | C:\Program Files\Internet Explorer\iexplore.exe | — | explorer.exe | admin | MEDIUM | Microsoft Corporation | Internet Explorer | 11.00.9600.16428 (winblue_gdr.131013-1700)
556 | "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:3972 CREDAT:267521 /prefetch:2 | C:\Program Files\Internet Explorer\iexplore.exe | — | iexplore.exe | admin | LOW | Microsoft Corporation | Internet Explorer | 11.00.9600.16428 (winblue_gdr.131013-1700)
3612 | C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_131_ActiveX.exe -Embedding | C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_131_ActiveX.exe | — | svchost.exe | admin | MEDIUM | Adobe Systems Incorporated | Adobe® Flash® Player Installer/Uninstaller 26.0 r0 | 26,0,0,131

PID | Process | Filename | Type | MD5 | SHA256
---|---|---|---|---|---
3972 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | — | — | —
556 | iexplore.exe | C:\Users\admin\AppData\Local\Temp\Low\CabE942.tmp | — | — | —
556 | iexplore.exe | C:\Users\admin\AppData\Local\Temp\Low\TarE943.tmp | — | — | —
556 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MFAQUS6V\common[1].css | text | 1F27A2C7651DB9ABCB754AF75AFD459A | 244CA0ADF5A5051C03A9783B2EF0212C7B157F2FF54D7C34FDECD6BE7F6972DB
556 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E | binary | FBE6EA4497603C2E7D93D275F01BFEF8 | 265625543F41CE712F4173AE55E26CC98E69CE973E2482FDC85D15C27F5AAEB5
556 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB0DD30266AF9B4A57FF10335BAF014F_03B3895926AEB0A245A41403A27FC5BA | der | 545A8E65752C2B553B0E770BF4FF20D8 | 9856C535B41361DEDD1A4BB44BDBECAF1B08E977E2AAE7B0DEA7474E76DEE12A
556 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MFAQUS6V\component[1].css | text | 5BE010A8C4E84551162992520BA55891 | 7CB11565C9532CEAB40977ED5E96B9E63C87756E21D038F4F21852906D4F7836
556 | iexplore.exe | C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\R0YLX12V.txt | text | FE3322FA3DE2DF15B262795F6681BED8 | 13360CA50CFE58EBFA911B8840987580CC69F6E30E92FE35691F2609E17FBC17
556 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DY534W2X\prelogin[1].css | text | F67033F4096A366944C489005E9FA347 | 50A884C8D35C82013E9BBF7324F7DDE357671B7ECA8E5337138F86FC3FB1321D
556 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB0DD30266AF9B4A57FF10335BAF014F_03B3895926AEB0A245A41403A27FC5BA | binary | B60D219F84A64A8D0C83DC28EC59D04B | 295BF866503B018BEEB5683F9721D008348F31CAD86DC51EFF2689BB30868A09

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
---|---|---|---|---|---|---|---|---|---
556 | iexplore.exe | GET | 200 | 172.217.22.67:80 | http://ocsp.pki.goog/gts1o1core/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEAa5VhR9EEs0AgAAAAB5ZBM%3D | US | der | 471 b | whitelisted |
556 | iexplore.exe | GET | 200 | 93.184.220.29:80 | http://crl3.digicert.com/DigiCertGlobalRootCA.crl | US | der | 631 b | whitelisted |
556 | iexplore.exe | GET | 200 | 151.139.128.14:80 | http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTNMNJMNDqCqx8FcBWK16EHdimS6QQUU3m%2FWqorSs9UgOHYm8Cd8rIDZssCEEcg0PqFRhp%2BF6FkApGEY3Q%3D | US | der | 727 b | whitelisted |
556 | iexplore.exe | GET | 200 | 172.217.22.67:80 | http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjtJ13zfQMBhkWtuM%3D | US | der | 468 b | whitelisted |
556 | iexplore.exe | GET | 200 | 172.217.22.67:80 | http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjtJqhjYqpgSVpULg%3D | US | der | 468 b | whitelisted |
556 | iexplore.exe | GET | 200 | 172.217.22.67:80 | http://ocsp.pki.goog/gts1o1core/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEGPZqrycpduCCAAAAABUy10%3D | US | der | 471 b | whitelisted |
556 | iexplore.exe | GET | 200 | 104.18.20.226:80 | http://ocsp.globalsign.com/rootr1/ME8wTTBLMEkwRzAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCDkbwjNvPLFRm7zMB3V80 | US | der | 1.49 Kb | whitelisted |
556 | iexplore.exe | GET | 200 | 172.217.22.67:80 | http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjtJqhjYqpgSVpULg%3D | US | der | 468 b | whitelisted |
556 | iexplore.exe | GET | 200 | 93.184.220.29:80 | http://crl3.digicert.com/DigiCertGlobalRootCA.crl | US | der | 631 b | whitelisted |
556 | iexplore.exe | GET | 200 | 151.139.128.14:80 | http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRpg21TVpHZ%2FLeGq%2Ft34TnEClb0IgQUHgWjd49sluJbh0umtIascQAM5zgCEGfq1J9dvcGjgiLuLO1W6FE%3D | US | der | 471 b | whitelisted |

PID | Process | IP | Domain | ASN | CN | Reputation
---|---|---|---|---|---|---
3972 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
556 | iexplore.exe | 152.16.0.179:443 | dukemychart.org | Duke University | US | suspicious |
556 | iexplore.exe | 104.108.145.56:443 | players.brightcove.net | TOT Public Company Limited | US | unknown |
556 | iexplore.exe | 151.139.128.14:80 | ocsp.comodoca.com | Highwinds Network Group, Inc. | US | suspicious |
556 | iexplore.exe | 152.16.0.234:443 | www.dukehealth.org | Duke University | US | unknown |
556 | iexplore.exe | 172.217.18.168:443 | www.googletagmanager.com | Google Inc. | US | whitelisted |
556 | iexplore.exe | 151.101.2.217:443 | vjs.zencdn.net | Fastly | US | suspicious |
556 | iexplore.exe | 93.184.220.29:80 | ocsp.digicert.com | MCI Communications Services, Inc. d/b/a Verizon Business | US | whitelisted |
— | — | 93.184.220.29:80 | ocsp.digicert.com | MCI Communications Services, Inc. d/b/a Verizon Business | US | whitelisted |
556 | iexplore.exe | 172.217.22.67:80 | ocsp.pki.goog | Google Inc. | US | whitelisted |

Domain | IP | Reputation
---|---|---
dukemychart.org | — | whitelisted
ocsp.comodoca.com | — | whitelisted
api.bing.com | — | whitelisted
www.bing.com | — | whitelisted
ocsp.usertrust.com | — | whitelisted
www.dukemychart.org | — | suspicious
crl.usertrust.com | — | whitelisted
www.dukehealth.org | — | unknown
players.brightcove.net | — | whitelisted
www.googletagmanager.com | — | whitelisted