Sample: d3cbd52cd0da5014255b8ab31975cacf


Metadata
File name:N/A
File type:HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
File size:21985
Analysis date:N/A
MD5:d3cbd52cd0da5014255b8ab31975cacf
SHA1:68abee3ff849f7876de9f3f9e397b974a9d892c3
SHA256:3b53590beedb3e409d1973a21d5e493ac146d7dd6d6618b8ee25638573b478a4
SHA512:N/A
SSDEEP:N/A
IMPHASH:N/A
Authentihash:N/A
Related resources
MIME Type: text/html
Description: N/A
Title: ..404 Not Found
File Type: HTML
File Size: 21 kB
Keywords: N/A
Viewport: width=device-width
Source: VirusShare (https://virusshare.com)

APTNotes
Cyber threat intelligence reports associated with d3cbd52cd0da5014255b8ab31975cacf.
(The report list was still loading when the page was captured; no entries are present.)

Domains
Domains the malware sample communicates with.
(No entries listed.)

Hosts
Hosts the malware sample communicates with.
(No entries listed.)

HTTP Requests
HTTP requests the malware sample makes.
(No entries listed.)

AV Detections
AV detection names associated with the malware sample.
AVG: HTML/Framer
Ad-Aware: JS:Trojan.JS.Agent.KX
Antiy-AVL: Trojan/JS.Iframe.ajo
Arcabit: JS:Trojan.JS.Agent.KX
Avast: HTML:Iframe-BUU [Trj]
Avira: HTML/ExpKit.Gen2
BitDefender: JS:Trojan.JS.Agent.KX
ESET-NOD32: JS/Iframe.MB
Emsisoft: JS:Trojan.JS.Agent.KX (B)
F-Secure: JS:Trojan.JS.Agent.KX
Fortinet: JS/Moat.7D7F220A!tr
GData: JS:Trojan.JS.Agent.KX
Jiangmin: Trojan.Script.izq
Kaspersky: Trojan.JS.Iframe.ajo
MicroWorld-eScan: JS:Trojan.JS.Agent.KX
Microsoft: Trojan:JS/Iframeinject.AJ
Rising: HTML:Malware.Generic(Shepherd)!1.A285 [F]
TrendMicro-HouseCall: HTML_INJECT.APR
nProtect: JS:Trojan.JS.Agent.KX
Several of these vendor labels (for example HTML/Framer, JS/Iframe.MB, Trojan:JS/Iframeinject.AJ and HTML_INJECT.APR) name iframe or HTML injection, which is consistent with the HTML file type recorded above; the names are vendor-assigned classifications and do not by themselves establish what the sample does.

Mutants
Mutants created by the malware sample.
(No entries listed.)

Registry keys
Registry keys created by the malware sample.
(No entries listed.)