Windows Analysis Report
Your ebucks R23.999 ready to be redeemed.html

Overview

General Information

Sample name:	Your ebucks R23.999 ready to be redeemed.html
Analysis ID:	1468061
MD5:	86abd7013180bc41bd60f7882ee9ddb9
SHA1:	89922cf492b64bf7898f0f2967f27ff4ecc42aeb
SHA256:	242d952a1cbc3373439c8a7595ae8e1a09cdb8338bdcbc4b2742e4e27fddce9d

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

HTML Script injector detected

HTML file submission containing password form

HTML body contains password input but no form action

HTML title does not match URL

Invalid T&C link found

None HTTPS page querying sensitive user data (password, username or email)

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

AI detected phishing page

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

LLM: Score: 9 brands: FNB Reasons: The URL 'file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html' is a local file path, which is highly suspicious for a banking site. The page asks for sensitive information such as card number, ATM PIN, CVV, and expiry date, which is a common tactic in phishing attacks. The legitimate domain for FNB (First National Bank) is 'fnb.co.za', and this URL does not match. The presence of a prominent form requesting sensitive information without a CAPTCHA and the use of social engineering techniques to lure users into entering their banking details further indicate that this is a phishing site. DOM: 0.1.pages.csv

HTML Script injector detected

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: New script, src: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: New script, src: https://static.revechat.com/widget/d-single-inbox/scripts/jquery/jquery.js?ver=02072024

HTML body contains password input but no form action

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: <input type="password" .../> found but no <form action="...

HTML title does not match URL

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: Title: does not match URL
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: Title: does not match URL

Invalid T&C link found

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

HTTP Parser: Invalid link: Help

None HTTPS page querying sensitive user data (password, username or email)

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

HTTP Parser: Has password / email / username input fields

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: <input type="password" .../> found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: <input type="password" .../> found

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No favicon

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="author".. found

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56651 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56691 version: TLS 1.2

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue0.php?callback=jQuery1124021198781352601892_1720165305817&Username=uursaraew&Password=realpassword%40fuckyou69&_=1720165305818 HTTP/1.1Host: www.tracybentertainment.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue0.php?callback=jQuery112403257204555385165_1720165348407&Username=aarpos&Password=dwiduh23q9oufhd9q3&_=1720165348408 HTTP/1.1Host: www.tracybentertainment.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue1.php?callback=jQuery112406028445757910308_1720165371412&card=5586692334587&pin=2385&cvv=298&expdate-m=05&expdate-y=25&tick=&Username=aarpos&Password=dwiduh23q9oufhd9q3&_=1720165371413 HTTP/1.1Host: www.tracybentertainment.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /widget/scripts/new-livechat.js?1720165410914 HTTP/1.1Host: static.revechat.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.tracybentertainment.co.za
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.fnb.co.za
Source: global traffic	DNS traffic detected: DNS query: www.online.fnb.co.za
Source: global traffic	DNS traffic detected: DNS query: static.revechat.com
Source: global traffic	DNS traffic detected: DNS query: unpkg.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56716
Source: unknown	Network traffic detected: HTTP traffic on port 56681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56710
Source: unknown	Network traffic detected: HTTP traffic on port 56623 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56600 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56646 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56617 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56606
Source: unknown	Network traffic detected: HTTP traffic on port 56663 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56607
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56728
Source: unknown	Network traffic detected: HTTP traffic on port 56634 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56609
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56602
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56723
Source: unknown	Network traffic detected: HTTP traffic on port 56737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56604
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56600
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56601
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56722
Source: unknown	Network traffic detected: HTTP traffic on port 56628 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56595 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56617
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56618
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56619
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56613
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56614
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56735
Source: unknown	Network traffic detected: HTTP traffic on port 56606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56615
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56616
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56610
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56611
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56612
Source: unknown	Network traffic detected: HTTP traffic on port 56674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56740
Source: unknown	Network traffic detected: HTTP traffic on port 56651 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56594 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56629
Source: unknown	Network traffic detected: HTTP traffic on port 56640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56625
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56627
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56620
Source: unknown	Network traffic detected: HTTP traffic on port 56699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56621
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56622
Source: unknown	Network traffic detected: HTTP traffic on port 56714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56623
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56744
Source: unknown	Network traffic detected: HTTP traffic on port 56731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56601 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56630
Source: unknown	Network traffic detected: HTTP traffic on port 56725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56668 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56599 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56598
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56599
Source: unknown	Network traffic detected: HTTP traffic on port 56707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56613 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56641 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56602 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56625 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56709
Source: unknown	Network traffic detected: HTTP traffic on port 56686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56707
Source: unknown	Network traffic detected: HTTP traffic on port 56636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56704
Source: unknown	Network traffic detected: HTTP traffic on port 56735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56700
Source: unknown	Network traffic detected: HTTP traffic on port 56647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56614 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56679
Source: unknown	Network traffic detected: HTTP traffic on port 56620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56675
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56676
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56677
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56678
Source: unknown	Network traffic detected: HTTP traffic on port 56672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56684
Source: unknown	Network traffic detected: HTTP traffic on port 56695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56681
Source: unknown	Network traffic detected: HTTP traffic on port 56684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56655 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56689
Source: unknown	Network traffic detected: HTTP traffic on port 56706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56694
Source: unknown	Network traffic detected: HTTP traffic on port 56649 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56691
Source: unknown	Network traffic detected: HTTP traffic on port 56666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56631 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56699
Source: unknown	Network traffic detected: HTTP traffic on port 56648 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56621 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56609 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56594
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56595
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56597
Source: unknown	Network traffic detected: HTTP traffic on port 56643 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56597 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56639
Source: unknown	Network traffic detected: HTTP traffic on port 56633 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56635
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56636
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56637
Source: unknown	Network traffic detected: HTTP traffic on port 56679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56604 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56638
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56631
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56632
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56633
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56640
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56641
Source: unknown	Network traffic detected: HTTP traffic on port 56627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56638 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56646
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56647
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56648
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56649
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56642
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56643
Source: unknown	Network traffic detected: HTTP traffic on port 56716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56644
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56645
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56650
Source: unknown	Network traffic detected: HTTP traffic on port 56673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56651
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56652
Source: unknown	Network traffic detected: HTTP traffic on port 56694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56645 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56659
Source: unknown	Network traffic detected: HTTP traffic on port 56738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56653
Source: unknown	Network traffic detected: HTTP traffic on port 56715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56655
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56656
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56660
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56661
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56663
Source: unknown	Network traffic detected: HTTP traffic on port 56644 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56661 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56668
Source: unknown	Network traffic detected: HTTP traffic on port 56678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56669
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56664
Source: unknown	Network traffic detected: HTTP traffic on port 56710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56665
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56671
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56672
Source: unknown	Network traffic detected: HTTP traffic on port 56622 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56673
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56674
Source: unknown	Network traffic detected: HTTP traffic on port 56650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56670
Source: unknown	Network traffic detected: HTTP traffic on port 56616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56704 -> 443

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56651 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56691 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.winHTML@14/83@37/156

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Your ebucks R23.999 ready to be redeemed.html
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1964,i,14332423150873750023,13879994269796675301,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1964,i,14332423150873750023,13879994269796675301,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Stealing of Sensitive Information

HTML file submission containing password form

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

HTTP Parser: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
104.26.8.127	static.revechat.com	United States	13335	CLOUDFLARENETUS	true
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
172.217.16.206	unknown	United States	15169	GOOGLEUS	false
142.250.186.174	unknown	United States	15169	GOOGLEUS	false
66.22.96.160	www.fnb.co.za	United States	48851	RADWAREIL	false
104.26.9.127	unknown	United States	13335	CLOUDFLARENETUS	false
216.58.206.35	unknown	United States	15169	GOOGLEUS	false
196.41.123.141	tracybentertainment.co.za	South Africa	36874	CybersmartZA	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.163	unknown	United States	15169	GOOGLEUS	false
104.17.245.203	unpkg.com	United States	13335	CLOUDFLARENETUS	false
172.217.18.106	unknown	United States	15169	GOOGLEUS	false
64.233.184.84	unknown	United States	15169	GOOGLEUS	false
196.11.125.155	unknown	South Africa	17148	FIRST-NATIONALZA	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
142.250.184.228	www.google.com	United States	15169	GOOGLEUS	false
196.11.125.154	www.online.fnb.co.za	South Africa	17148	FIRST-NATIONALZA	false
142.250.184.234	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
www.fnb.co.za	66.22.96.160	true
tracybentertainment.co.za	196.41.123.141	true
www.google.com	142.250.184.228	true
www.online.fnb.co.za	196.11.125.154	true
static.revechat.com	104.26.8.127	true
unpkg.com	104.17.245.203	true
www.tracybentertainment.co.za	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
about:blank	false	Avira URL Cloud: safe	unknown
file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	true	Avira URL Cloud: safe	unknown
http://www.tracybentertainment.co.za/FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue0.php?callback=jQuery1124021198781352601892_1720165305817&Username=uursaraew&Password=realpassword%40fuckyou69&_=1720165305818	false	Avira URL Cloud: safe	unknown
http://www.tracybentertainment.co.za/FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue0.php?callback=jQuery112403257204555385165_1720165348407&Username=aarpos&Password=dwiduh23q9oufhd9q3&_=1720165348408	false	Avira URL Cloud: safe	unknown
http://static.revechat.com/widget/scripts/new-livechat.js?1720165410914	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Jul 5 06:41:42 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	D21426EB2F63F2F5BF903B463512CDE2	DEEE3BDF5F61A0235E07888FEBCA0AC493CA33F0	865009E24429A5490DAAEE867ADE291DA832523E0BEF432A4FC6F1D65DA736AC
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Jul 5 06:41:42 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	1D0B935F3C2400156281CB85648C1B59	6CD31D4891060D8B53AF54389A70262956E8E3CA	5C58B586405AD9BFD69ECC3224D7F818B48A356EC16748C211F284782CEF8102
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	B49395BAE76C6361CB9CA94BC6308E55	F9198DEC588F7178E29773C36892C6AB21412049	D7CBD5417526113D159612FEF8DDA42EE71614D249F0A51BB482E23FD1866A9E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Jul 5 06:41:42 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	C835E4BC09CF2EA49EA67ED5415303B0	C4DC6E171E9C8DFA1B62ACAF8768A0E297D78089	62F605610DEB2DDFD2075DB43011DD9E9EAEFB1A82C9898219B00A6E6815F3DF
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Jul 5 06:41:42 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	1D76D14A013E036A45A0D11A0ADC6D94	6E65455655737D42C7AEBC952FA0E164FD1E0A57	5155F05C248D48FA9300C41275DF2CB363CBEB1D0CBF6DD6CA555F7090744421
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Jul 5 06:41:42 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	4958003FA1162AF78D911C451F2C9590	63DE0F20BF6A9DA2FB461C150F1F9D5CE7229275	541FAA4F1F88C6EBF4068F2A46E79BE947A1F81E05BF85E1C0B1523AAAF632D8
Chrome Cache Entry: 100	ASCII text	A8F000EE9D157A83B9F92474639B02BA	EF8D33D96339230C571E956B15EDA04D0E9D73D9	19DBB085D719A24A541C85D34D9800F3136B07B65BF6038E7F11F0157FF048CA
Chrome Cache Entry: 101	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced	205E9DADE803F3FBBE3DA629F4E76D71	5781B95F78C978A3960557FD2F75026F71BE3441	E23CB34585887DBC94A6F79C27154C300ED548CD9B057B1DDF34420649E5CCE2
Chrome Cache Entry: 102	ASCII text	8879725004B73A14FDDC5A0180643549	1F0E986B42CAFD5AF2432B82827CD05FDD9103AD	F3A6BC5DEE8D498D358E2394C8B506C6527D9E83ED848E6EA5CF4D165D8C90DC
Chrome Cache Entry: 104	troff or preprocessor input, ASCII text	7FE7108986E8596A197C607B2D989D89	9FEAB57E5C948507134250AF34E342E753FC029D	873761B8711147DC516B6102936E9AD005F3A3015349EFCDE1A496F0326F1051
Chrome Cache Entry: 105	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	DAF6FD51559607F518665333C938703F	6EBFE32B819A6E56FEE41E8313D3E5D0009F7845	F61309B5FF0C44DC567D72CE14E72EF151C88A5397A27DC1B131C8CC77272993
Chrome Cache Entry: 106	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced	E8F3D94E656338F9D0723C9D50019912	82E6B1E6DE45CCDC97F069E65D16ECB064CED96C	0231189357893615B3CF8430246EEC2EA5ACCEBD59C9C4DE6B240D0E43451FF7
Chrome Cache Entry: 107	PNG image data, 52 x 92, 8-bit/color RGBA, non-interlaced	3B43D562C00C51B1C95C99DA65345F04	FAFBEEC267F5F8DD6E6D302D43755869332C22C1	A4FB655A6BC92E41AF12293A39C46C78BC665E9CA78302610F8C59390B57C735
Chrome Cache Entry: 108	ASCII text, with very long lines (1374)	5B9E6FF4599B7D4D12565BE82768372F	B38AE228091E43173D8224CCEC571B44F73FC10B	55239775164D1219EC150E1531C844A8447480A8CD93E2EA38F426D2B659F99E
Chrome Cache Entry: 109	HTML document, ASCII text, with no line terminators	FE364450E1391215F596D043488F989F	D1848AA7B5CFD853609DB178070771AD67D351E9	C77E5168DFFDA66B8DC13F1425B4D3630A6656A3E5ACF707F4393277BA3C8B5E
Chrome Cache Entry: 110	ASCII text	D0C00E94901712DA925ED893ABCF1908	2A36DC2A0A022E6B03855703B2C5380836771E6B	F2E59699FAAEEE27DA9EDB86DD18F5ED3BD5113DB3E4E388FDD23AFCAF308865
Chrome Cache Entry: 111	PNG image data, 270 x 240, 8-bit/color RGBA, non-interlaced	44439390D7D0C36236D7096A7953A5F0	A7C499F8A788C952C5FB0DA32E202B23D800E1FC	3D5D80FDA7F6EF7DD9DFD50E8E05D04BB2B8C67191CFE0914731E3DD0DEFCD7E
Chrome Cache Entry: 113	ASCII text, with very long lines (1727)	4DC771E8F5B7F3A136C2755652C80EE4	A2E7847F552E18012984C2893496DAFC3C9EF880	087E0788C03B165BFACF3BA685DA7C59FA271924BD6A34ECD7DFD7DAE937AA52
Chrome Cache Entry: 115	ASCII text, with CRLF, LF line terminators	ABDA62A4179CA2DA4A4987D04E0390E0	FE77D8E4A73CAF9FBCE093EEDFB5727F6AD97BE8	3E0A0D70D2759BC6CFB3AFDBD6D0B1609B19DF4F2436E551042D6F694FAB7C85
Chrome Cache Entry: 119	PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced	0552F33B4EA1CA9B9D1B24AC7E6A5F68	499AC01D80FF6D08954E0B35860EF60CC74DD285	C04DA8EEFF7E28A9FD721FBB6672FDBBFE769C86661D935B816DC5124AF69DF3
Chrome Cache Entry: 120	JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1400x240, components 3	F312E21C336AC6B58C42D7E97F954E79	AAC20D935B154224B03B170BB0258516912DEB7A	67CCA35EE7A936BF4AC4F5BC306C13C69B0DA5BBE70E88F8DB9C9D98628276C8
Chrome Cache Entry: 122	Web Open Font Format, TrueType, length 29264, version 1.70	464A3000DF411717B476CEF92F497DCB	21A706D2CBB690390CCDD5819E3FD951AC95DF0B	8145D3D87E84A96616CA236A0DBA1F908652D245B1ED506325812EE85CE28792
Chrome Cache Entry: 123	ASCII text, with very long lines (1509), with no line terminators	A8C18E5CDB70F5701D53552100AD4763	539A2AB84F24525B3B39C65A9BE247609B71F9E7	8EDEFCAA585EFC6915FD740ADB3C222DC5101992DD5CC02C58CF7AAD3F02E193
Chrome Cache Entry: 124	ASCII text	92A7F16154C29A49A9FBE70A56E0B078	552DC9A77BE740FE0D206B16DDA679026A336E83	26DF64C6E2358D3D284684E8D64FEBA8133CEDDAA67EF998F517EA02E23EBA53
Chrome Cache Entry: 125	ASCII text, with very long lines (65536), with no line terminators	E6D80E2FF15E9E1D4D2DFADAEE395FA8	5B2F5590E3667DCE42C5C9BD74CEA237789557AD	3998C11BFCFF1823D24EA684105C9AD1B8585FD8F4DC6C51631BFB681DA563A7
Chrome Cache Entry: 127	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced	36799ED5A49742E35B67BD9CD0FF0CFD	AA282AEE0CD7AFD7D9109D6B44443819CBEF05DF	F01E2ED509EF4EBD45F586910C5C7F782927E9AC72414AAC06289B13B227D665
Chrome Cache Entry: 128	ASCII text	602653C466E3D67FFD340A5B96D447B7	DFFD3B78EDB5EBE0EFF4414420EBCB82CE3B1CDF	770F85165E765E17BB4FE7B1B18F942E3A4194825326038A2ACF25B8ED12F053
Chrome Cache Entry: 130	ASCII text, with CRLF line terminators	6869D68B6DDE68DE8A25C2FE37F7319C	DD56CB9A6A1DF687CA0CB056EE48B42C5DB79126	EE165E863D560B2CE84FCA340E0ACD266DE661BFBCA69EA32CB3F3AE3A22DDB2
Chrome Cache Entry: 131	C source, ASCII text, with very long lines (11878), with no line terminators	3A2DD5F370D6DAEEDFF5AEE06B9A55EC	9F06E334F11DE7A292E39CB29F01E3293F574E7F	4182C432AE2E296FE472B58044F7823901541EAD505A42A9912D5C40967A843E
Chrome Cache Entry: 132	PNG image data, 9 x 5, 8-bit/color RGBA, non-interlaced	752ADE41A55542103D2D343FE009BAA3	52A6D7AB5B9B1ABE0B6C662BF3E18575E859EE1E	E45DD436AF9B0AE61C7A6C076220018387795779C6CC223FE5ACF1B1E91DAB3F
Chrome Cache Entry: 140	ASCII text, with very long lines (3980)	56897778C030B1098045CFCFA26AF3AB	F9C141DBA6168A0CF9DEAD95082C8DB18EE145B8	BF7A89B0A0D0BBC2CAC45B75D90947CE05DCFA8EBF76E0041F37242B10EEF462
Chrome Cache Entry: 145	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced	391FBFB63995D16E7CE83D9743DEA638	550A6A9CB13D4C2D7D54F0EEBA92CE1D2B98CB94	E0B7290ED243A7832628E3470980408CE6BD555FC2D76E8DD5FA1EBA79F36B0A
Chrome Cache Entry: 146	troff or preprocessor input, ASCII text, with very long lines (1972), with no line terminators	91DE9BA975BF863F6B9922EBE2A987AD	0ED505E8458512B29C9925C83316A48B1B838B10	87EA58AD16B6B941522B89F4FE8156088710538CDD9B9D057ADB46C244221F67
Chrome Cache Entry: 147	PNG image data, 14 x 24, 8-bit/color RGBA, non-interlaced	DD9CE653D9C110FB9284D520BC863924	DBA16C1337F954FBC943FA584CF8F0238ACB30B1	439E9B84CAE9F857D69170BDEE92E6951C4A91ABE20C3601572F2A88DC295578
Chrome Cache Entry: 148	ASCII text	6D9A090FFB18774F97E2B9F4AA1F3DC2	FE31A3D4FEA394D266EE2421F9C11C4B358EA25D	0B978A7900B1EA0965AA1EAFFB657FE7175E14439F74CA127906754992684BEA
Chrome Cache Entry: 150	HTML document, ASCII text, with very long lines (65536), with no line terminators	018CAC66AE8A20498D7513E294BF4165	4F325009E70B8AECA466A0016F10324125ECE978	7935FC3FC0F9E0D851A908E9E4AD0C970AE1EBE77867E033EF04BC947423702C
Chrome Cache Entry: 151	ASCII text, with CRLF line terminators	83DCAD323103F3CCF129252F580284C8	148DEBA31A617D97251189F7DAB5E329B8806658	170BADA1A3062E4EA65F573AE1BEC505A54AD7A9A15768EECFCF0D03A3C4F6DF
Chrome Cache Entry: 152	PNG image data, 5 x 5, 8-bit/color RGBA, non-interlaced	16BBC285B9A7AC4FD4B91DD06C688121	EF64A831833B84B49B122145BAE276A903A97EE2	33AB1205A304D8F9230290BD0019A1A5CE9BE5C88452B8FA31C10FFDA04DA47C
Chrome Cache Entry: 153	ASCII text	CBD49B852B99FB2FF66EA2D3B59674A3	7DD7B47536928F949D2BF03FE292F77C34178D17	83E8B1885442E959B06D9DBA3A43AF5866AF1965F6A79C604F587EC6DBB32569
Chrome Cache Entry: 155	PNG image data, 20 x 24, 8-bit/color RGBA, non-interlaced	55613E8CDB4D2EC50BD024A98958B2CC	9D8B43908EA15D4EA3B60EE597E7976C3458EC9B	E48DEBCB7C354AC90F888A72D3A86EF703358623FC8DE044036B5FE4496D2049
Chrome Cache Entry: 157	ASCII text, with very long lines (32077)	4F252523D4AF0B478C810C2547A63E19	5A9DCFBEF655A2668E78BAEBEAA8DC6F41D8DABB	668B046D12DB350CCBA6728890476B3EFEE53B2F42DBB84743E5E9F1AE0CC404
Chrome Cache Entry: 160	ASCII text	DCFC666B49414FEE5716035255AB11C9	C751EE0E6F1696C57627CAA48041EA6CB240841C	B1CEEA00CAE7C22166D7BC6FC05E9FF2EA7E936A90F82107B1567CCC36AFCCEB
Chrome Cache Entry: 161	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced	4F96428F4C6D7026EC6B5532BCC3D6EA	11F0A665D26BD968ECB97E6949B542D47058471D	0D09612E2A2B82723E2BCDD830AB0B8B831A7F2AB1449A1ABB0D98B9385C3C6F
Chrome Cache Entry: 162	ASCII text, with CRLF line terminators	D33337C5E1CE1850320C4073172F5EBF	388FB69A046353F1EF487E7FC262736DAA63F673	7472D7FFA2FD6FC451C1975A16B13D204D1453D797E4B77D2DCC3173EC5368F0
Chrome Cache Entry: 163	ASCII text, with CRLF line terminators	E2051E1F43BE26998FC4645E639FE255	2E181746C393EA0EF974BD4D0FD6F2CCA7377D03	DF3BF3E3504B58E6C88E6B572AFFD2C48BA061F5F8DD6E2B85C54E85C1DF1ABD
Chrome Cache Entry: 165	ASCII text, with very long lines (2812), with no line terminators	BE10E09AE0E77AF4809D170283B5F1DA	F020881758DA61585D512F272701D8AFFA3014F2	86DC5A7F3BBB28DC2C524BC68D816223E3A9F2C12A9B1E589DEBCF3AA652E99D
Chrome Cache Entry: 166	PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced	442B3BDF691E65751177F317F90B7EB5	99724EA7243F2606B4D976631AB4D4FACD2F3A1A	2C5A0DC31D8C531C99809D82D1A1ADABDDADE62D5C97D5EAE22D7521C387AD4C
Chrome Cache Entry: 167	HTML document, ASCII text, with very long lines (47457), with no line terminators	BC2102898D2CDE0263DD220FB7D27E14	4129ED41EF7B15056F1BD4E176627C4C4EEAE627	9753535518655AC1DE2FF48944304DEFACB96C827C15FC32B1D84CBA18754404
Chrome Cache Entry: 168	HTML document, ASCII text, with very long lines (64887)	AE5709EAA85BA5DAAB91F7F575C069BC	6C63CEFA80B9981772D387DA8604B54ADB38FA93	2DEBBF6311F9C46D1B0050C00D80C21072E715459AA9B6602CB058652A3F9ACD
Chrome Cache Entry: 169	ASCII text	A0F9B67CAADC1D42DD92A957F368E41A	BC4F53FCA1B6798CDB251E4E92664B6A4A4010C5	9F2F49F02EF060EF019DF5CDCE2B25365D89BD5AD3BEBD460C8DB54E3AF7320A
Chrome Cache Entry: 171	ASCII text, with CRLF, CR line terminators	186AC2C911AB133378F4CC4981992B0F	5AD8C1FF3B0AE7A617DE7A8C327DB7EBE6AA3E05	4C16F4F569C8F3127227932476989906BC89BF4BBDC1F2F9BBCE20383EF4BC7A
Chrome Cache Entry: 172	HTML document, ASCII text, with very long lines (47465), with no line terminators	3A9669FF890B06047DBE00B300CE0911	75859E578AEEC2ED0802968C0CC172FAD5ABE017	22992E7EE6C563243E9CEF7725927BCC77234FF3BC9C296427A162B1E95AF384
Chrome Cache Entry: 173	PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced	C47150BC0ED477037C1E80FE2676E8CB	970E56C9FDA9F25710E2436E76679DE0BF5B81FE	EFFDCCB4CCC7D5A1E9814F3B1CC5E6E5B63BA3726CA39C44A9DBE671B6EEAE41
Chrome Cache Entry: 174	ASCII text	D185368895649723470EAD50A15A97B4	EFF3D6338903F846085A6B4CAB2B03E8ABE429A3	23029497DEE33407C4AF5EB3D6087AC3480CF801FCABF57740AB066C6B4ADCFB
Chrome Cache Entry: 175	PNG image data, 611 x 244, 8-bit/color RGBA, non-interlaced	009A09BC1A8B0EAF1FA4E7B3A9283576	28E1D06CA4BE3941153A5E6D49FE83A41587AF13	94D6DE7001D6A7870F1191E50190959ACF6D7B366201D16899A45EEC8620CAF4
Chrome Cache Entry: 176	ASCII text, with CRLF, LF line terminators	E8DCD2DC79D4AE6E0AD530FAFDC79BEB	B2D5034D5948A6E3E925E86C508AFAE8EE27829F	7F33971692E50E3C500F0B384FABD414143DC64DECD28E432034029B38613661
Chrome Cache Entry: 178	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 120x54, components 3	ECDEB3D2EAEC0E026D2EA88521C853E8	042A0F806F88E373D36A4305535FB044A06A6E98	7CE488A49EE0C7D38C742D530ED163266899CB6E83F8A63A03DE4DD7078C3E80
Chrome Cache Entry: 179	PNG image data, 16 x 17, 8-bit/color RGBA, non-interlaced	C5D4BDB40E3522884DC3DEDE2AF15DA6	B83CA38EEA1B715E79FF17C7DD5BBEB4172AAC66	867C0CFC6F87860D78835A3E1DB6BFF393EDB458B80E8EF767BCFD67C56DECDE
Chrome Cache Entry: 180	ASCII text, with very long lines (385)	DA942F6DF7E7B7DABFFF1E40E5108D39	191031AE84AB5A814F3C1AB3B8D79432AB6ECD65	A8618EA9A3E8CCF3F9EF3BDA83678B287CEB29BCC9FDFB6C32BCED2A1200CC7A
Chrome Cache Entry: 181	PNG image data, 759 x 119, 8-bit/color RGBA, non-interlaced	DF124ED977BF602A637D45F3BE25A64B	E96B1793F5419C1E27D7987695C9E9D0EC1B0793	93CA521FA870205EFBAC592DCE4A1F3D38F48406F05570C63A7380F7A8AED30E
Chrome Cache Entry: 182	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	30E08119F94310D157C49C66299227E0	7AD38E1F1BE2A16685C876FC5D1D76EB1AA04D39	564B971A98770884D05AC047DC7FCAE0BDE4CD316BD9BCECE7145F86D92F3E5E
Chrome Cache Entry: 183	PNG image data, 76 x 74, 8-bit/color RGBA, non-interlaced	558930D9F868BD3A2151B20AE4031D2C	903C9D703D0851F9736523505771E4481A8AA2F3	8BD90BCC5F3B57C0AAFA6F68E20EDBB27A4DEF832D80675963C336F23310314B
Chrome Cache Entry: 184	ASCII text, with very long lines (410)	03C8905D71B46DF1C9A73A1D17397ECC	9AD861992D36EEB47A45B20F1A165565E2C7B994	C190330A5BA709D97F6D2BC4A40F60DEE9E99C4AF9E906C7DF22898C6945A9D9
Chrome Cache Entry: 185	ASCII text	8DA44BEA4949CC1139A518660885C864	23EACE9BEE8D4BD6BA795B88615A789962DF919B	41E0EAE512457CBEF8F0106108FBFB995952C24B3E600DCA38516990B441C2AF
Chrome Cache Entry: 187	PNG image data, 195 x 84, 8-bit/color RGBA, non-interlaced	2CB3502A66B88A6F5922B7EB7D876325	8FE6857937E50F305A3A3B6267494B0D4B225199	53DD957087B7AC9C4BA5560D5830B1DEEDB86DF1AB4C4916A36D97258F93CE78
Chrome Cache Entry: 188	ASCII text	DEBE807490C196ADDE15EBEB37781FBA	3701767A353D9270181CBC294B822CCE5F47D50E	C8A32DF67F8BD57F70C6371E15EC232DF25DDEBA3EB9060D7AAA68101A6CE240
Chrome Cache Entry: 189	ASCII text	F0561D4B928F3521C1A3A66507052039	AFB44A713F4DC526E2BFFDA0535DA7BFCFCB44A9	555980683A582C1910A954648B4AE38F58D76E797F02BFDC2C5E817901E6D4FC
Chrome Cache Entry: 190	Unicode text, UTF-8 text, with very long lines (339), with CRLF line terminators	6958FD7F20FC17AA84FB1E44A3E1C2EF	6EBFD061D856845D7401AA050BAF4196956CC7A8	EEC456DADAB7781C037C97D3C38CF8328841EB0CBD0EE98558EBD5A44A648BA7
Chrome Cache Entry: 80	PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced	42D74C64EAD1E0B92ACD0B06CAA6820C	2862FFDAC764DCDB3D4D90E253797332A046C11B	DDD8A878F0BA51DCDB442D33CC59E0C757450C80DFB309ED32EB4A4ED9D53DD3
Chrome Cache Entry: 81	HTML document, ASCII text, with very long lines (635)	FCAE1E4AAC5FC0CCF7C3E43379338E8A	B1C0EADD2B2C91BE2C0CE3F553685644CEACB710	096EBCC573A5D186C567A91E7EA7991D9B809570A2EA2FE627AD2E07477A6CAD
Chrome Cache Entry: 82	PNG image data, 56 x 56, 8-bit/color RGBA, interlaced	2B4BCB5146661E1FE3EAB9EF6396CBB1	F4B0FED9C30F7FABECD26190D752B64B3EF6B0FA	EE7BABA7B7F989B442CF38784760871CF1074ABC922CEF753F193874A07A2F83
Chrome Cache Entry: 83	ASCII text, with very long lines (2510)	FA22CB80F4B14B3942431B6F9764219A	ACC4E353AC0413919E3F99B4A900B1D8512661B6	F1D1E5EE995EFC6088A7A2B3CD3C9134B82870F35785E634EDC499148098974D
Chrome Cache Entry: 84	ASCII text, with very long lines (4542), with no line terminators	17FC26DF41A2C2AB9BAB1933EC369EDD	8567603CD6BD0DC2F47622719EB5EAF6DFF0A952	C8B10B751AC360EEE24CC819038A5A58E4456FCE3FD23D9691C1F056277EA276
Chrome Cache Entry: 87	ASCII text, with CRLF line terminators	41896BD542689F015917E3B579907F76	B2C84C78A84D89DD2BE70C89B1EE767DEA581410	114B6DDF37BEEC94D6D69EC54EABA4DCFF9E360B016632A90C24D26B3DC9214C
Chrome Cache Entry: 88	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	9EE6B70091231296AF45ABBC389B78AB	185B037A0B4DDD6B173CDF955678194B5D328B62	565E0C597EEBDAF2CEED464F9BB1911F0D545DD28612F346F69857CA315A96DD
Chrome Cache Entry: 89	Web Open Font Format, TrueType, length 28376, version 1.70	6ACE09DA5080A9D81BB4A822FCC01E81	EAF399E13A238A23B850E2E58B2E4CDB79D70687	3AE299B77545C4608ADFD70999B576C4F3BC28C97ABCFF1FBEC66282C8DDDE3A
Chrome Cache Entry: 90	ASCII text	D919CD16A3EFC35EF234F608F168DDEF	CD559CC1889B56E0CBD687FB6ADDCEAADA924625	C9553327130E497D2E9685C74851FFEAC2C23D33998D47818C552AB2ECDDB84C
Chrome Cache Entry: 92	ASCII text, with CRLF line terminators	6138E41F3932A33BD05FAB794D72A3EB	B70D1B80DEA70EFA77C178220F34E8E03FFC6C37	ACCED1E90452ED1483E1199BD69D2FD81F2E40F60DFE4B7A22AEC0C4136427F9
Chrome Cache Entry: 93	ASCII text	E8AE214ECFFA06119A1CA55314A4141E	12C36FEE5453C66707FCB620384AF21B6F7BAD27	9C83C5A306AA168493C67F809FA030F3E43868748306B47C73B33346C79B242C
Chrome Cache Entry: 94	PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced	8E1A062C54E07260E53AF265583D6A33	F3829150F0FF9A46520C9852F04A421AD57E2DC9	807DDFAAF69EDCB242A78CB063F866D7BB6706B2F268EAE16613DACFC327306E
Chrome Cache Entry: 97	ASCII text	F5CE2C65B9A87E93BCABF89810661AE6	A5291D6F28FBC58A68B8D4D630489664F2DBF7D5	8BEBF7DA93D1297DE1B66BBD2F12EFDA07A0CDFF503D4809696643CC4BE0FD75
Chrome Cache Entry: 98	ASCII text	EDEB5ED0BA919E881BE1FF321EA7A196	2B0EF6246FB0B77E5BD05D98BE28C63A3138ED17	A3645B11132DD905D0BF1131BCE0DA3DEBCE080DCF805F917A947D6C73E96350
Chrome Cache Entry: 99	ASCII text	CB71E7F72D74D8EC06AD5B91D730134F	5BEAA9359F558B36B22C124A53F62F745D404457	5DF5E2DF58451FD5FE182895BEE45DBD9C65792BBF93203362F7AB70CA81A5F7

Phishing

AI detected phishing page

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

HTML Script injector detected

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: New script, src: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: New script, src: https://static.revechat.com/widget/d-single-inbox/scripts/jquery/jquery.js?ver=02072024

HTML body contains password input but no form action

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: <input type="password" .../> found but no <form action="...

HTML title does not match URL

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: Title: does not match URL
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: Title: does not match URL

Invalid T&C link found

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

HTTP Parser: Invalid link: Help

None HTTPS page querying sensitive user data (password, username or email)

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

HTTP Parser: Has password / email / username input fields

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: <input type="password" .../> found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: <input type="password" .../> found

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No favicon

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="author".. found

Source: Your ebucks R23.999 ready to be redeemed.html	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56651 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56691 version: TLS 1.2

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue0.php?callback=jQuery1124021198781352601892_1720165305817&Username=uursaraew&Password=realpassword%40fuckyou69&_=1720165305818 HTTP/1.1Host: www.tracybentertainment.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue0.php?callback=jQuery112403257204555385165_1720165348407&Username=aarpos&Password=dwiduh23q9oufhd9q3&_=1720165348408 HTTP/1.1Host: www.tracybentertainment.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /FNB-FICA-Registration-FNB-Online-Banking-Paid/php/continue1.php?callback=jQuery112406028445757910308_1720165371412&card=5586692334587&pin=2385&cvv=298&expdate-m=05&expdate-y=25&tick=&Username=aarpos&Password=dwiduh23q9oufhd9q3&_=1720165371413 HTTP/1.1Host: www.tracybentertainment.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /widget/scripts/new-livechat.js?1720165410914 HTTP/1.1Host: static.revechat.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.tracybentertainment.co.za
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.fnb.co.za
Source: global traffic	DNS traffic detected: DNS query: www.online.fnb.co.za
Source: global traffic	DNS traffic detected: DNS query: static.revechat.com
Source: global traffic	DNS traffic detected: DNS query: unpkg.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56716
Source: unknown	Network traffic detected: HTTP traffic on port 56681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56710
Source: unknown	Network traffic detected: HTTP traffic on port 56623 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56600 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56646 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56617 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56606
Source: unknown	Network traffic detected: HTTP traffic on port 56663 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56607
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56728
Source: unknown	Network traffic detected: HTTP traffic on port 56634 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56609
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56602
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56723
Source: unknown	Network traffic detected: HTTP traffic on port 56737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56604
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56600
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56601
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56722
Source: unknown	Network traffic detected: HTTP traffic on port 56628 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56595 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56617
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56618
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56619
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56613
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56614
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56735
Source: unknown	Network traffic detected: HTTP traffic on port 56606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56615
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56616
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56610
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56611
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56612
Source: unknown	Network traffic detected: HTTP traffic on port 56674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56740
Source: unknown	Network traffic detected: HTTP traffic on port 56651 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56594 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56629
Source: unknown	Network traffic detected: HTTP traffic on port 56640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56625
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56627
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56620
Source: unknown	Network traffic detected: HTTP traffic on port 56699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56621
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56622
Source: unknown	Network traffic detected: HTTP traffic on port 56714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56623
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56744
Source: unknown	Network traffic detected: HTTP traffic on port 56731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56601 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56630
Source: unknown	Network traffic detected: HTTP traffic on port 56725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56668 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56599 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56598
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56599
Source: unknown	Network traffic detected: HTTP traffic on port 56707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56613 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56641 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56602 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56625 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56709
Source: unknown	Network traffic detected: HTTP traffic on port 56686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56707
Source: unknown	Network traffic detected: HTTP traffic on port 56636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56704
Source: unknown	Network traffic detected: HTTP traffic on port 56735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56700
Source: unknown	Network traffic detected: HTTP traffic on port 56647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56614 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56679
Source: unknown	Network traffic detected: HTTP traffic on port 56620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56675
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56676
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56677
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56678
Source: unknown	Network traffic detected: HTTP traffic on port 56672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56684
Source: unknown	Network traffic detected: HTTP traffic on port 56695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56681
Source: unknown	Network traffic detected: HTTP traffic on port 56684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56655 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56689
Source: unknown	Network traffic detected: HTTP traffic on port 56706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56694
Source: unknown	Network traffic detected: HTTP traffic on port 56649 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56691
Source: unknown	Network traffic detected: HTTP traffic on port 56666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56631 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56699
Source: unknown	Network traffic detected: HTTP traffic on port 56648 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56621 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56609 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56594
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56595
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56597
Source: unknown	Network traffic detected: HTTP traffic on port 56643 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56597 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56639
Source: unknown	Network traffic detected: HTTP traffic on port 56633 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56635
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56636
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56637
Source: unknown	Network traffic detected: HTTP traffic on port 56679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56604 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56638
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56631
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56632
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56633
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56640
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56641
Source: unknown	Network traffic detected: HTTP traffic on port 56627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56638 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56646
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56647
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56648
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56649
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56642
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56643
Source: unknown	Network traffic detected: HTTP traffic on port 56716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56644
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56645
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56650
Source: unknown	Network traffic detected: HTTP traffic on port 56673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56651
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56652
Source: unknown	Network traffic detected: HTTP traffic on port 56694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56645 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56659
Source: unknown	Network traffic detected: HTTP traffic on port 56738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56653
Source: unknown	Network traffic detected: HTTP traffic on port 56715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56655
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56656
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56660
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56661
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56663
Source: unknown	Network traffic detected: HTTP traffic on port 56644 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56661 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56668
Source: unknown	Network traffic detected: HTTP traffic on port 56678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56669
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56664
Source: unknown	Network traffic detected: HTTP traffic on port 56710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56665
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56671
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56672
Source: unknown	Network traffic detected: HTTP traffic on port 56622 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56673
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56674
Source: unknown	Network traffic detected: HTTP traffic on port 56650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56670
Source: unknown	Network traffic detected: HTTP traffic on port 56616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56704 -> 443

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56651 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:56691 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.winHTML@14/83@37/156

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Your ebucks R23.999 ready to be redeemed.html
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1964,i,14332423150873750023,13879994269796675301,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1964,i,14332423150873750023,13879994269796675301,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Stealing of Sensitive Information

HTML file submission containing password form

Source: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

HTTP Parser: file:///C:/Users/user/Desktop/Your%20ebucks%20R23.999%20ready%20to%20%20be%20redeemed.html

ID:	1468061
Product:	CloudBasic
Start time:	09:39:50
Start date:	05.07.2024
Sample:	Your ebucks R23.999 ready to be redeemed.html
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	86abd7013180bc41bd60f7882ee9ddb9
SHA1:	89922cf492b64bf7898f0f2967f27ff4ecc42aeb
SHA256:	242d952a1cbc3373439c8a7595ae8e1a09cdb8338bdcbc4b2742e4e27fddce9d
Filetype:	HyperText Markup Language (15004/1) 83.32%

Windows Analysis Report
Your ebucks R23.999 ready to be redeemed.html

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Stealing of Sensitive Information

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report Your ebucks R23.999 ready to be redeemed.html

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Stealing of Sensitive Information

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
Your ebucks R23.999 ready to be redeemed.html