| Title | ..404 Not Found</td></tr><tr><td class="whois_label_column"><span class="meta_label">File Type</span></td><td>HTML</td></tr><tr><td class="whois_label_column"><span class="meta_label">File Size</span></td><td>21 kB</td></tr><tr><td class="whois_label_column"><span class="meta_label">Keywords</span></td><td>N/A</td></tr><tr><td class="whois_label_column"><span class="meta_label">Viewport</span></td><td>width=device-width</td></tr><tr><td>Source:</td><td><button type="button" class="btn btn-outline btn-primary"><a target="_blank" href="https://virusshare.com">VirusShare</a></button></td></tr></table> </div>
</div>
</div>
</div>
<!-- Reports -->
<div class="row" style="margin-top:2em; margin-bottom:2em;">
<div class="col-lg-12">
<ins class="adsbygoogle"
style="display:block; text-align:center;"
data-ad-layout="in-article"
data-ad-format="fluid"
data-ad-client="ca-pub-5720763271532377"
data-ad-slot="6125219520"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-desktop fa-fw"></i>
<span>APTNotes</span>
<br/>
<span class="section_description">Cyber threat intelligence reports associated with d3cbd52cd0da5014255b8ab31975cacf.</span>
</div>
<div class="panel-body" id="notes_container">
<div class="loading_gif_container"><img alt="Loading..." src="images/ajax-loader.gif"/></div>
</div>
</div>
</div>
</div>
<div class="row">
<!-- [Left colum] -->
<div class="col-lg-6">
<!-- Domains -->
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-sitemap fa-fw"></i>
<span>Domains</span>
<br/>
<span class="section_description">Domains the malware sample communicates with.</span>
</div>
<div class="panel-body" id="domains_container">
</div>
</div> <!-- end of domains panel -->
</div> <!-- end of left column -->
<!-- [Right colum] -->
<div class="col-lg-6">
<!-- Hosts -->
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-desktop fa-fw"></i>
<span>Hosts</span>
<br/>
<span class="section_description">Hosts the malware sample communicates with.</span>
</div>
<div class="panel-body" id="hosts_container">
</div>
</div> <!-- end of malware panel -->
</div> <!-- end of right column -->
<div style="clear:both"></div>
</div> <!-- End of row -->
<!-- HTTP requests -->
<div class="row" style="margin-top:2em; margin-bottom:2em;">
<div class="col-lg-12">
<ins class="adsbygoogle"
style="display:block; text-align:center;"
data-ad-layout="in-article"
data-ad-format="fluid"
data-ad-client="ca-pub-5720763271532377"
data-ad-slot="8831273914"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-fw fa-exchange"></i>
<span>HTTP Requests</span>
<br/>
<span class="section_description">HTTP requests the malware sample makes.</span>
</div>
<div class="panel-body" id="http_container">
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-lg-6">
<!-- AV detections -->
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-fw fa-warning"></i>
<span>AV Detections</span>
<br/>
<span class="section_description">AV detection names associated with the malware sample.</span>
</div>
<div class="panel-body" id="av_container">
<table class="table table-bordered table-hover"><tr><td width="30%">AVG</td><td width="70%"><a href="av.php?q=HTML/Framer">HTML/Framer</a></td></tr><tr><td width="30%">Ad-Aware</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX">JS:Trojan.JS.Agent.KX</a></td></tr><tr><td width="30%">Antiy-AVL</td><td width="70%"><a href="av.php?q=Trojan/JS.Iframe.ajo">Trojan/JS.Iframe.ajo</a></td></tr><tr><td width="30%">Arcabit</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX">JS:Trojan.JS.Agent.KX</a></td></tr><tr><td width="30%">Avast</td><td width="70%"><a href="av.php?q=HTML:Iframe-BUU [Trj]">HTML:Iframe-BUU [Trj]</a></td></tr><tr><td width="30%">Avira</td><td width="70%"><a href="av.php?q=HTML/ExpKit.Gen2">HTML/ExpKit.Gen2</a></td></tr><tr><td width="30%">BitDefender</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX">JS:Trojan.JS.Agent.KX</a></td></tr><tr><td width="30%">ESET-NOD32</td><td width="70%"><a href="av.php?q=JS/Iframe.MB">JS/Iframe.MB</a></td></tr><tr><td width="30%">Emsisoft</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX (B)">JS:Trojan.JS.Agent.KX (B)</a></td></tr><tr><td width="30%">F-Secure</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX">JS:Trojan.JS.Agent.KX</a></td></tr><tr><td width="30%">Fortinet</td><td width="70%"><a href="av.php?q=JS/Moat.7D7F220A!tr">JS/Moat.7D7F220A!tr</a></td></tr><tr><td width="30%">GData</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX">JS:Trojan.JS.Agent.KX</a></td></tr><tr><td width="30%">Jiangmin</td><td width="70%"><a href="av.php?q=Trojan.Script.izq">Trojan.Script.izq</a></td></tr><tr><td width="30%">Kaspersky</td><td width="70%"><a href="av.php?q=Trojan.JS.Iframe.ajo">Trojan.JS.Iframe.ajo</a></td></tr><tr><td width="30%">MicroWorld-eScan</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX">JS:Trojan.JS.Agent.KX</a></td></tr><tr><td width="30%">Microsoft</td><td width="70%"><a href="av.php?q=Trojan:JS/Iframeinject.AJ">Trojan:JS/Iframeinject.AJ</a></td></tr><tr><td width="30%">Rising</td><td width="70%"><a href="av.php?q=HTML:Malware.Generic(Shepherd)!1.A285 [F]">HTML:Malware.Generic(Shepherd)!1.A285 [F]</a></td></tr><tr><td width="30%">TrendMicro-HouseCall</td><td width="70%"><a href="av.php?q=HTML_INJECT.APR">HTML_INJECT.APR</a></td></tr><tr><td width="30%">nProtect</td><td width="70%"><a href="av.php?q=JS:Trojan.JS.Agent.KX">JS:Trojan.JS.Agent.KX</a></td></tr></table> </div>
</div> <!-- end of av detections -->
</div>
<div class="col-lg-6">
<!-- Mutexes -->
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-fw fa-lock"></i>
<span>Mutants</span>
<br/>
<span class="section_description">Mutants created by the malware sample.</span>
</div>
<div class="panel-body" id="mut_container">
</div>
</div> <!-- end of mutexes -->
</div>
<div style="clear:both"></div>
</div>
<!-- Registry keys -->
<div class="row" style="margin-top:2em; margin-bottom:2em;">
<div class="col-lg-12">
<ins class="adsbygoogle"
style="display:block; text-align:center;"
data-ad-layout="in-article"
data-ad-format="fluid"
data-ad-client="ca-pub-5720763271532377"
data-ad-slot="3926415687"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-fw fa-th-list"></i>
<span>Registry keys</span>
<br/>
<span class="section_description">Registry keys created by the malware sample.</span>
</div>
<div class="panel-body" id="reg_container">
</div>
</div>
</div>
</div>
<!-- Footer Google Ads -->
<div class="row" style="margin:1em;">
<div class="col-lg-12" style="text-align:center">
<ins class="adsbygoogle"
style="display:block"
data-ad-format="autorelaxed"
data-ad-client="ca-pub-5720763271532377"
data-ad-slot="4336667154"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</div>
</div>
<!-- Comments -->
<div class="row">
<div class="col-lg-12">
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-user fa-fw"></i>
<span>Comments</span>
<br/>
<span class="section_description">User comments about d3cbd52cd0da5014255b8ab31975cacf.</span>
</div>
<div class="panel-body" id="disqus_thread"></div>
</div> <!-- end of domains panel -->
</div>
</div>
<script>
var disqus_config = function () {
this.page.url = 'https://www.threatminer.org/sample.php?q=d3cbd52cd0da5014255b8ab31975cacf';
this.page.identifier = 'd3cbd52cd0da5014255b8ab31975cacf';
};
(function() {
var d = document, s = d.createElement('script');
s.src = 'https://threatminer.disqus.com/embed.js';
s.setAttribute('data-timestamp', +new Date());
(d.head || d.body).appendChild(s);
})();
</script>
<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
</div><!-- End of page-wrapper -->
</div> <!-- End of wrapper -->
<script type="text/javascript" language="javascript" src="/bower_components/jquery/dist/jquery-1.12.4.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/bootstrap/dist/js/bootstrap.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/metisMenu/dist/metisMenu.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/datatables/media/js/jquery.dataTables.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/datatables-plugins/jszip/media/js/jszip.min.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js"></script>
<script type="text/javascript" language="javascript" src="/bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js"></script>
<script type="text/javascript" language="javascript" src="/dist/js/sb-admin-2.js"></script>
<script type="text/javascript" language="javascript" src="/dist/js/tm_utility.js"></script>
<script type="text/javascript" language="javascript" src="/dist/js/social-share-kit.min.js"></script>
<script type="text/javascript">
// APT notes
getReport("notes_container", 2, "d3cbd52cd0da5014255b8ab31975cacf");
</script>
<!-- Footer -->
<div class="tm_row">
<div id="privacy_notice" class="alert alert-info alert-dismissable bottom_popup">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<strong>NOTICE:</strong> We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our <a target="_blank" href="privacy.php"><strong>Privacy Policy</strong></a>. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.
</div>
</div>
<div id="footer" class="tm_row" style="text-align:center; font-size:0.8em; color:#999;">
<p><a rel="license" href="http://creativecommons.org/licenses/by/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by/4.0/80x15.png" /></a><br /><br /><span xmlns:dct="http://purl.org/dc/terms/" property="dct:title">ThreatMiner.org</span> is a non-profit initiative and is licensed under a <a target = "_blank" rel="license" href="http://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 International License</a>.</p>
<p><a target="_blank" href="privacy.php">Privacy Notice</a><a style="margin-left:1em" target="_blank" href="sitemap.php">Sitemap</a></p>
</div>
<!-- Scroll-to-top button -->
<button id="scrollToTop" type="button" class="btn btn-outline btn-default">Back to the top</button>
<script type="text/javascript">
// Main function
$(document).ready(function(){
(function() {
var cx = '414385693720d4156';
var gcse = document.createElement('script');
gcse.type = 'text/javascript';
gcse.async = true;
gcse.src = 'https://cse.google.com/cse.js?cx=' + cx;
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(gcse, s);
})();
// SocialKit buttons
SocialShareKit.init();
// Use of privacy notice pop-up
if(!readCookie("threatminer_privacy")){
$('#privacy_notice').fadeIn();
}
// Event handler
$('#privacy_notice .close').click(function (e) {
//Cancel the link behavior
e.preventDefault();
$('#privacy_notice').hide();
createCookie("threatminer_privacy", "accepted", 365)
});
// Scroll-to-top button
$(window).scroll(function(){
if ($(this).scrollTop() > 100) {
$('#scrollToTop').fadeIn();
} else {
$('#scrollToTop').fadeOut();
}
});
$('#scrollToTop').click(function(){
$('html, body').animate({scrollTop : 0},100);
return false;
});
// Session
var refreshTime = 600000; // every 10 minutes in milliseconds
window.setInterval( function() {
$.ajax({
cache: false,
type: "GET",
url: "session.php",
success: function(data) {
}
});
}, refreshTime );
});
// Push ads
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
<script type="text/javascript">
var infolinks_pid = 3241790;
var infolinks_wsid = 0;
</script>
<script type="text/javascript" src="https://resources.infolinks.com/js/infolinks_main.js"></script>
</body>
</html>
|