IOC Report
Status Update DXLG.html


Files

File Path               | Type                                                  | Category       | Malicious
Status Update DXLG.html | HTML document, ASCII text, with CRLF line terminators | initial sample | malicious
Chrome Cache Entry: 72  | ASCII text, with no line terminators                  | downloaded     |
Chrome Cache Entry: 73  | ASCII text, with very long lines (30837)              | downloaded     |
Chrome Cache Entry: 74  | ASCII text, with CRLF line terminators                | dropped        |
Chrome Cache Entry: 75  | PNG image data, 1000 x 875, 8-bit colormap, non-interlaced | dropped   |
Chrome Cache Entry: 76  | data                                                  | downloaded     |
Chrome Cache Entry: 77  | PNG image data, 1000 x 875, 8-bit colormap, non-interlaced | downloaded |
Chrome Cache Entry: 78  | Unicode text, UTF-8 (with BOM) text                   | downloaded     |
Chrome Cache Entry: 79  | SVG Scalable Vector Graphics image                    | downloaded     |
Chrome Cache Entry: 80  | SVG Scalable Vector Graphics image                    | dropped        |

Processes

Path                                                  | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\Status Update DXLG.html" | malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2004,i,2991644062417359334,16694786375516081327,262144 /prefetch:8 | malicious

URLs

Name                                                                                                                                      | IP              | Malicious
file:///C:/Users/user/Desktop/Status%20Update%20%20DXLG.html                                                                              |                 | malicious
https://sdsdsd.chiliesdigital.co.za/app/stiktk.php                                                                                        | 172.67.165.105  |
http://fontawesome.io                                                                                                                     | unknown         |
https://seeklogo.com/images/M/microsoft-exchange-logo-9D5C1A540A-seeklogo.com.png                                                         | 104.21.84.83    |
https://images.seeklogo.com/logo-png/42/1/microsoft-exchange-logo-png_seeklogo-423163.png?v=638672668800000000                            | 104.21.84.83    |
https://kasumbo.com/smarty/xls_v1.6/tail-spin.svg                                                                                         | 108.178.43.142  |
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg                                                     | 152.199.21.175  |
https://outlook.office365.com/Encryption/ErrorPage.aspx?src=0&code=10&be=DM8PR09MB6088&fe=BL1PR13CA0351.NAMPRD13.PROD.OUTLOOK.COM         | 40.99.60.2      |
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css                                                        | 104.17.25.14    |
https://www.w3schools.com/w3css/4/w3.css                                                                                                  | 192.229.133.221 |
http://fontawesome.io/license                                                                                                             | unknown         |

Domains

Name                                                  | IP              | Malicious
msonlineservice1r2kldzpcs.elixicraft.xyz              | 172.66.0.102    | malicious
_8443._https.msonlineservice1r2kldzpcs.elixicraft.xyz | unknown         | malicious
ooc-g2.tm-4.office.com                                | 40.99.60.2      |
seeklogo.com                                          | 104.21.84.83    |
images.seeklogo.com                                   | 104.21.84.83    |
kasumbo.com                                           | 108.178.43.142  |
sdsdsd.chiliesdigital.co.za                           | 172.67.165.105  |
cdnjs.cloudflare.com                                  | 104.17.25.14    |
cs837.wac.edgecastcdn.net                             | 192.229.133.221 |
sni1gl.wpc.alphacdn.net                               | 152.199.21.175  |
www.google.com                                        | 142.250.181.100 |
logincdn.msftauth.net                                 | unknown         |
www.w3schools.com                                     | unknown         |
outlook.office365.com                                 | unknown         |

IPs

IP              | Domain                                   | Country       | Malicious
172.66.0.102    | msonlineservice1r2kldzpcs.elixicraft.xyz | United States | malicious
40.99.60.2      | ooc-g2.tm-4.office.com                   | United States |
104.21.84.83    | seeklogo.com                             | United States |
192.168.2.4     | unknown                                  | unknown       |
192.229.133.221 | cs837.wac.edgecastcdn.net                | United States |
108.178.43.142  | kasumbo.com                              | United States |
172.67.165.105  | sdsdsd.chiliesdigital.co.za              | United States |
142.250.181.100 | www.google.com                           | United States |
192.168.2.5     | unknown                                  | unknown       |
239.255.255.250 | unknown                                  | Reserved      |
152.199.21.175  | sni1gl.wpc.alphacdn.net                  | United States |
104.17.25.14    | cdnjs.cloudflare.com                     | United States |

DOM / HTML

URL                                                          | Malicious
file:///C:/Users/user/Desktop/Status%20Update%20%20DXLG.html | malicious
file:///C:/Users/user/Desktop/Status%20Update%20%20DXLG.html | malicious
file:///C:/Users/user/Desktop/Status%20Update%20%20DXLG.html |