File: 12b7bb4477943e96f369d5cc61dc3ff8

Metadata
File name:http://hd.egain.com/wp-content/uploads/whitepapers/egain_whitepaper_next-gen_knowledge_for_custserv.pdf
File type:N/A
File size:N/A
Analysis date:2019-08-19 16:09:49
MD5:12b7bb4477943e96f369d5cc61dc3ff8
SHA1:407cdeeaab7789d40249bebfc08f96f2a9a5a4fc
SHA256:1e339f51bd4452ea51e60c83c819f46e5f4d2163376319a5c45561a146a92d16
SHA512:N/A
SSDEEP:N/A
IMPHASH:N/A
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 12b7bb4477943e96f369d5cc61dc3ff8.
Loading...
HTTP Requests
HTTP requests the malware sample makes.
HostURLUser-Agent
99.84.104.85 (hd.egain.com)/wp-content/uploads/whitepapers/egain_whitepaper_next-gen_knowledge_for_custserv.pdf55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A 69 [User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/resources/white_papers/55 53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 [US..User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.1.4Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/home.css?v.090A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.1.4Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/fancybox/jquery.fancybox.css?v=2.1.453 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D [S..User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/jquery.fancybox-1.3.4.cssMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-includes/css/dist/block-library/style.min.cssMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/css/home.css?v.072D 55 53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A [-US..User-Agent:]
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/visual-form-builder-pro/css/visual-form-builder.min.cssMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/vfb-custom-css.cssMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/css/newstyle.css?v3_10A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/libs/modernizr.custom.min.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
104.17.210.204 (js.hs-scripts.com)/5480551.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-includes/js/jquery/jquery.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
104.19.198.151 (cdnjs.cloudflare.com)/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D [S..User-Agent
N/A
N/A
N/A
104.19.198.151 (cdnjs.cloudflare.com)/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A 69 [User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-includes/js/jquery/jquery-migrate.min.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
216.58.194.42 (fonts.googleapis.com)/css?family=Open+Sans+Condensed%3A300%2C700Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
216.58.194.42 (fonts.googleapis.com)/css?family=Cabin+Condensed:400,700Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
216.58.194.42 (fonts.googleapis.com)/css?family=Open+Sans%3A400%2C400italic%2C700Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
216.58.194.42 (fonts.googleapis.com)/css?family=Open+Sans%3A400%2C400italic%2C700Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/poststyles.css?v.06Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/css/galleria.classic.css55 53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 [US..User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.pngMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/sitepress-multilingual-cms/res/flags/us.pngMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/img/resources_bg.jpg2D 55 53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A [-US..User-Agent:]
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/img/chat.pngMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/jquery.cycle.lite.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/bjqs-1.3.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/jquery.preload-1.0.8-min.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/jquery.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/fancyBox.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
99.84.104.85 (hd.egain.com)/wp-content/images/button_subscribe.pngMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/jquery.fancybox-1.3.4_patch.js0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/visual-form-builder-pro/js/jquery.validate.min.js55 53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 [US..User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/visual-form-builder-pro/js/vfb-validation.min.js53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D [S..User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/visual-form-builder-pro/js/jquery.metadata.min.js55 53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 [US..User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/visual-form-builder-pro/js/farbtastic.min.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/script.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
151.139.128.14 (ocsp.trust-provider.com)/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCEENSAj%2F6qJAfE5%2Fj9OXBRE4%3D0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 69 63 [.User-Agent
N/A
N/A
N/A
172.217.12.35 (ocsp.pki.goog)/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjqTAc%2FHIGOD%2BaUx0%3D2F 2A 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 [/*..User-Agent
N/A
N/A
N/A
151.139.128.14 (crl.comodoca4.com)/COMODOECCDomainValidationSecureServerCA2.crlMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
151.139.128.14 (ocsp.comodoca4.com)/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBTOpjOEf6LG1z52jqAxwDlTxoaOCgQUQAlhZ%2FC8g3FP3hIILG%2FU1Ct2PZYCEQDuBQ8%2FNYGFp89%2FjG71reex2A 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D [*..User-Agent
N/A
N/A
N/A
151.139.128.14 (ocsp.comodoca4.com)/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrJdiQ%2Ficg9B19asFe73bPYs%2BreAQUdXGnGUgZvJ2d6kFH35TESHeZ03kCEFslzmkHxCZVZtM5DJmpVK0%3D0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 69 63 [.User-Agent
N/A
N/A
N/A
172.217.12.35 (ocsp.pki.goog)/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEFKcUKWn9UOD0NVZ4%2BltrUw%3DMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
172.217.12.35 (ocsp.pki.goog)/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEEwChf5k04rpzw2edSloPxM%3DMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
172.217.9.3 (crl.pki.goog)/GTSGIAG3.crlMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-includes/js/wp-emoji-release.min.jsMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhv.woff0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F [..User-Agent
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdcs.woff0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0d.woffMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdcs.woff0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
23.99.128.52 (powebtraffic.crm.powerobjects.net)/powt.js.aspxMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
104.17.67.176 (js.hs-analytics.net)/analytics/1566231000000/5480551.js0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F [..User-Agent
N/A
N/A
N/A
23.99.128.52 (powebtraffic.crm.powerobjects.net)/powt.aspx?t=4fv3rY7C0E6dBz4w8ZVXx28AcgBnAGIAMAA2AGIAMgA2ADQAMQA=&wid=e8a6ba8b-bc58-4aa1-9702-7ce3286b414f&cid=&lid=&hs=www.egai...Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
34.240.84.165 (analytics.analytics-egain.com)/onetag/EG269129180A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
54.148.150.24 (cloud-us.analytics-egain.com)/onetag/EG269129180A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/cabincondensed/v13/nwpMtK6mNhBK2err_hqkYhHRqmwqZ-Le.woffMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/cabincondensed/v13/nwpJtK6mNhBK2err_hqkYhHRqmwi3MfN61d-.woff55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A 69 [User-Agent
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/opensanscondensed/v14/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMQQ.woffMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
172.217.1.227 (fonts.gstatic.com)/s/opensanscondensed/v14/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMQQ.woffMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/plugins/sitepress-multilingual-cms/res/img/nav-arrow-down.pngMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
99.84.104.85 (hd.egain.com)/wp-content/images/logo_egain_corp.pngMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/images/products.jpg55 53 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 [US..User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/img/arrowdown.png0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F [..User-Agent
N/A
N/A
N/A
72.167.18.239 (ocsp.godaddy.com)//MEQwQjBAMD4wPDAJBgUrDgMCGgUABBTkIInKBAzXkF0Qh0pel3lfHJ9GPAQU0sSw0pHUTBFxs2HLPaH%2B3ahq1OMCAxvnFQ%3D%3D0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 69 [..User-Agent
N/A
N/A
N/A
72.167.18.239 (ocsp.godaddy.com)//MEIwQDA%2BMDwwOjAJBgUrDgMCGgUABBQdI2%2BOBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv9r0FQW4gwZTaD94CAQc%3DMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
72.167.18.237 (crl.godaddy.com)/gdroot-g2.crlMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
72.167.18.239 (ocsp.godaddy.com)//MEkwRzBFMEMwQTAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX%2B2yz8LQsgM4CCFwlk0aDPC4K0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 69 [..User-Agent
N/A
N/A
N/A
72.167.18.237 (crl.godaddy.com)/gdig2s1-908.crlMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
72.167.18.239 (ocsp.godaddy.com)//MEkwRzBFMEMwQTAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX%2B2yz8LQsgM4CCC%2FcIZ%2B57HxZMicrosoft-CryptoAPI/6.1
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/js/fancybox/fancybox_sprite.png55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A 69 [User-Agent
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/library/img/blank.gifMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/wp-content/themes/eGain/favicon.icoMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
52.32.217.63 (www.egain.com)/?wordfence_lh=1&hid=FEE314853010631376D8A4A394088BEB&r=0.13154629177000843Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
N/A
N/A
N/A
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Comments
User comments about 12b7bb4477943e96f369d5cc61dc3ff8.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.