Edit tour

Windows Analysis Report
Filtering Rules

Overview

General Information

Sample name:	Filtering Rules
Analysis ID:	1586205
MD5:	a97ea939d1b6d363d1a41c4ab55b9ecb
SHA1:	3669e6477eddf2521e874269769b69b042620332
SHA256:	97115a369f33b66a7ffcfb3d67c935c1e7a24fc723bb8380ad01971c447cfa9f

Errors No process behavior to analyse as no analysis process or sample was found Corrupt sample or wrongly selected analyzer. Details: invalid parameter

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Classification

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

• AV Detection
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: https://gamescarousel.com/	Avira URL Cloud: Label: malware
Source: http://www.onclickmega.com/jump/next.php?	Avira URL Cloud: Label: malware
Source: https://albionsoftwares.com/	Avira URL Cloud: Label: malware
Source: http://pityhostngco2.xyz/	Avira URL Cloud: Label: malware
Source: https://fast-redirecting.com/	Avira URL Cloud: Label: malware

Source: Filtering Rules	String found in binary or memory: (a[href^="http://www.youtube.com/cthru?"] equals www.youtube.com (Youtube)
Source: Filtering Rules	String found in binary or memory: )a[href^="https://www.youtube.com/cthru?"] equals www.youtube.com (Youtube)
Source: Filtering Rules	String found in binary or memory: www.facebook.com/ajax/ads/ equals www.facebook.com (Facebook)
Source: Filtering Rules	String found in binary or memory: www.facebook.com0 equals www.facebook.com (Facebook)
Source: Filtering Rules	String found in binary or memory: www.youtube.com/get_midroll_ equals www.youtube.com (Youtube)

Source: Filtering Rules	String found in binary or memory: http://1phads.com/
Source: Filtering Rules	String found in binary or memory: http://360ads.go2cloud.org/
Source: Filtering Rules	String found in binary or memory: http://ad-apac.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: http://ad-emea.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: http://ad.au.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: http://ad.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: http://ad.yieldmanager.com/
Source: Filtering Rules	String found in binary or memory: http://adclick.g.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: http://adf.ly/?id=
Source: Filtering Rules	String found in binary or memory: http://adlev.neodatagroup.com/
Source: Filtering Rules	String found in binary or memory: http://admrotate.iplayer.org/
Source: Filtering Rules	String found in binary or memory: http://adprovider.adlure.net/
Source: Filtering Rules	String found in binary or memory: http://adrunnr.com/
Source: Filtering Rules	String found in binary or memory: http://ads.betfair.com/redirect.aspx?
Source: Filtering Rules	String found in binary or memory: http://ads.expekt.com/affiliates/
Source: Filtering Rules	String found in binary or memory: http://ads.sprintrade.com/
Source: Filtering Rules	String found in binary or memory: http://ads2.williamhill.com/redirect.aspx?
Source: Filtering Rules	String found in binary or memory: http://adserver.adreactor.com/
Source: Filtering Rules	String found in binary or memory: http://adserver.adtech.de/
Source: Filtering Rules	String found in binary or memory: http://adserver.adtechus.com/
Source: Filtering Rules	String found in binary or memory: http://adserving.unibet.com/
Source: Filtering Rules	String found in binary or memory: http://adsrv.keycaptcha.com
Source: Filtering Rules	String found in binary or memory: http://adtrack123.pl/
Source: Filtering Rules	String found in binary or memory: http://adtrackone.eu/
Source: Filtering Rules	String found in binary or memory: http://adultfriendfinder.com/p/register.cgi?pid=
Source: Filtering Rules	String found in binary or memory: http://adultgames.xxx/
Source: Filtering Rules	String found in binary or memory: http://advertisesimple.info/
Source: Filtering Rules	String found in binary or memory: http://aff.ironsocket.com/
Source: Filtering Rules	String found in binary or memory: http://affiliate.coral.co.uk/processing/
Source: Filtering Rules	String found in binary or memory: http://affiliate.glbtracker.com/
Source: Filtering Rules	String found in binary or memory: http://affiliates.lifeselector.com/
Source: Filtering Rules	String found in binary or memory: http://affiliates.pinnaclesports.com/processing/
Source: Filtering Rules	String found in binary or memory: http://affiliates.score-affiliates.com/
Source: Filtering Rules	String found in binary or memory: http://affiliates.thrixxx.com/
Source: Filtering Rules	String found in binary or memory: http://aflrm.com/
Source: Filtering Rules	String found in binary or memory: http://allaptair.club/
Source: Filtering Rules	String found in binary or memory: http://amzn.to/
Source: Filtering Rules	String found in binary or memory: http://anonymous-net.com/
Source: Filtering Rules	String found in binary or memory: http://api.content.ad/
Source: Filtering Rules	String found in binary or memory: http://at.atwola.com/
Source: Filtering Rules	String found in binary or memory: http://axdsz.pro/
Source: Filtering Rules	String found in binary or memory: http://azmobilestore.co/
Source: Filtering Rules	String found in binary or memory: http://banners.victor.com/processing/
Source: Filtering Rules	String found in binary or memory: http://bc.vc/?r=
Source: Filtering Rules	String found in binary or memory: http://bcntrack.com/
Source: Filtering Rules	String found in binary or memory: http://bcp.crwdcntrl.net/
Source: Filtering Rules	String found in binary or memory: http://bestorican.com/
Source: Filtering Rules	String found in binary or memory: http://betahit.click/
Source: Filtering Rules	String found in binary or memory: http://bluehost.com/track/
Source: Filtering Rules	String found in binary or memory: http://bodelen.com/
Source: Filtering Rules	String found in binary or memory: http://bs.serving-sys.com/
Source: Filtering Rules	String found in binary or memory: http://buysellads.com/
Source: Filtering Rules	String found in binary or memory: http://c.actiondesk.com/
Source: Filtering Rules	String found in binary or memory: http://c.jumia.io/
Source: Filtering Rules	String found in binary or memory: http://c.ketads.com/
Source: Filtering Rules	String found in binary or memory: http://c43a3cd8f99413891.com/
Source: Filtering Rules	String found in binary or memory: http://campaign.bharatmatrimony.com/cbstrack/
Source: Filtering Rules	String found in binary or memory: http://campaign.bharatmatrimony.com/track/
Source: Filtering Rules	String found in binary or memory: http://campeeks.com/
Source: Filtering Rules	String found in binary or memory: http://casino-x.com/?partner
Source: Filtering Rules	String found in binary or memory: http://cdn.adsrvmedia.net/
Source: Filtering Rules	String found in binary or memory: http://cdn.adstract.com/
Source: Filtering Rules	String found in binary or memory: http://cdn3.adexprts.com/
Source: Filtering Rules	String found in binary or memory: http://chaturbate.com/affiliates/
Source: Filtering Rules	String found in binary or memory: http://click.payserve.com/
Source: Filtering Rules	String found in binary or memory: http://click.plista.com/pets
Source: Filtering Rules	String found in binary or memory: http://clickandjoinyourgirl.com/
Source: Filtering Rules	String found in binary or memory: http://clicks.binarypromos.com/
Source: Filtering Rules	String found in binary or memory: http://clickserv.sitescout.com/
Source: Filtering Rules	String found in binary or memory: http://clkmon.com/adServe/
Source: Filtering Rules	String found in binary or memory: http://codec.codecm.com/
Source: Filtering Rules	String found in binary or memory: http://cpaway.afftrack.com/
Source: Filtering Rules	String found in binary or memory: http://cwcams.com/landing/click/
Source: Filtering Rules	String found in binary or memory: http://czotra-32.com/
Source: Filtering Rules	String found in binary or memory: http://d2.zedo.com/
Source: Filtering Rules	String found in binary or memory: http://databass.info/
Source: Filtering Rules	String found in binary or memory: http://deloplen.com/
Source: Filtering Rules	String found in binary or memory: http://dftrck.com/
Source: Filtering Rules	String found in binary or memory: http://down1oads.com/
Source: Filtering Rules	String found in binary or memory: http://download-performance.com/
Source: Filtering Rules	String found in binary or memory: http://dwn.pushtraffic.net/
Source: Filtering Rules	String found in binary or memory: http://earandmarketing.com/
Source: Filtering Rules	String found in binary or memory: http://eclkmpsa.com/
Source: Filtering Rules	String found in binary or memory: http://elitefuckbook.com/
Source: Filtering Rules	String found in binary or memory: http://engine.newsmaxfeednetwork.com/
Source: Filtering Rules	String found in binary or memory: http://enter.anabolic.com/track/
Source: Filtering Rules	String found in binary or memory: http://espn.zlbu.net/
Source: Filtering Rules	String found in binary or memory: http://ethfw0370q.com/
Source: Filtering Rules	String found in binary or memory: http://farm.plista.com/pets
Source: Filtering Rules	String found in binary or memory: http://feedads.g.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: http://ffxitrack.com/
Source: Filtering Rules	String found in binary or memory: http://fileboom.me/pr/
Source: Filtering Rules	String found in binary or memory: http://finaljuyu.com/
Source: Filtering Rules	String found in binary or memory: http://findersocket.com/
Source: Filtering Rules	String found in binary or memory: http://freesoftwarelive.com/
Source: Filtering Rules	String found in binary or memory: http://fsoft4down.com/
Source: Filtering Rules	String found in binary or memory: http://fusionads.net
Source: Filtering Rules	String found in binary or memory: http://g1.v.fwmrm.net/ad/
Source: Filtering Rules	String found in binary or memory: http://galleries.securewebsiteaccess.com/
Source: Filtering Rules	String found in binary or memory: http://globsads.com/
Source: Filtering Rules	String found in binary or memory: http://go.247traffic.com/
Source: Filtering Rules	String found in binary or memory: http://go.ad2up.com/
Source: Filtering Rules	String found in binary or memory: http://go.cm-trk2.com/
Source: Filtering Rules	String found in binary or memory: http://go.fpmarkets.com/
Source: Filtering Rules	String found in binary or memory: http://go.mobisla.com/
Source: Filtering Rules	String found in binary or memory: http://go.oclaserver.com/
Source: Filtering Rules	String found in binary or memory: http://go.seomojo.com/tracking202/
Source: Filtering Rules	String found in binary or memory: http://go.xtbaffiliates.com/
Source: Filtering Rules	String found in binary or memory: http://goldmoney.com/?gmrefcode=
Source: Filtering Rules	String found in binary or memory: http://googleads.g.doubleclick.net/pcs/click
Source: Filtering Rules	String found in binary or memory: http://greensmoke.com/
Source: Filtering Rules	String found in binary or memory: http://guideways.info/
Source: Filtering Rules	String found in binary or memory: http://hd-plugins.com/download/
Source: Filtering Rules	String found in binary or memory: http://homemoviestube.com/
Source: Filtering Rules	String found in binary or memory: http://hotcandyland.com/partner/
Source: Filtering Rules	String found in binary or memory: http://hpn.houzz.com/
Source: Filtering Rules	String found in binary or memory: http://hyperlinksecure.com/go/
Source: Filtering Rules	String found in binary or memory: http://igromir.info/
Source: Filtering Rules	String found in binary or memory: http://imads.integral-marketing.com/
Source: Filtering Rules	String found in binary or memory: http://install.securewebsiteaccess.com/
Source: Filtering Rules	String found in binary or memory: http://intent.bingads.com/
Source: Filtering Rules	String found in binary or memory: http://istri.it/?
Source: Filtering Rules	String found in binary or memory: http://join.hardcoreshemalevideo.com/
Source: Filtering Rules	String found in binary or memory: http://join.michelle-austin.com/
Source: Filtering Rules	String found in binary or memory: http://join.rodneymoore.com/
Source: Filtering Rules	String found in binary or memory: http://join.shemale.xxx/
Source: Filtering Rules	String found in binary or memory: http://join.shemalepornstar.com/
Source: Filtering Rules	String found in binary or memory: http://join.shemalesfromhell.com/
Source: Filtering Rules	String found in binary or memory: http://join.trannies-fuck.com/
Source: Filtering Rules	String found in binary or memory: http://join.ts-dominopresley.com/
Source: Filtering Rules	String found in binary or memory: http://join3.bannedsextapes.com/track/
Source: Filtering Rules	String found in binary or memory: http://k2s.cc/code/
Source: Filtering Rules	String found in binary or memory: http://k2s.cc/pr/
Source: Filtering Rules	String found in binary or memory: http://keep2share.cc/pr/
Source: Filtering Rules	String found in binary or memory: http://landingpagegenius.com/
Source: Filtering Rules	String found in binary or memory: http://latestdownloads.net/download.php?
Source: Filtering Rules	String found in binary or memory: http://linksnappy.com/?ref=
Source: Filtering Rules	String found in binary or memory: http://liversely.com/
Source: Filtering Rules	String found in binary or memory: http://liversely.net/
Source: Filtering Rules	String found in binary or memory: http://look.djfiln.com/
Source: Filtering Rules	String found in binary or memory: http://lp.ezdownloadpro.info/
Source: Filtering Rules	String found in binary or memory: http://lp.ncdownloader.com/
Source: Filtering Rules	String found in binary or memory: http://marketgid.com
Source: Filtering Rules	String found in binary or memory: http://media.paddypower.com/redirect.aspx?
Source: Filtering Rules	String found in binary or memory: http://mgid.com/
Source: Filtering Rules	String found in binary or memory: http://mmo123.co/
Source: Filtering Rules	String found in binary or memory: http://mob1ledev1ces.com/
Source: Filtering Rules	String found in binary or memory: http://n.admagnet.net/
Source: Filtering Rules	String found in binary or memory: http://onclickads.net/
Source: Filtering Rules	String found in binary or memory: http://online.ladbrokes.com/promoRedirect?
Source: Filtering Rules	String found in binary or memory: http://pan.adraccoon.com?
Source: Filtering Rules	String found in binary or memory: http://papi.mynativeplatform.com:80/pub2/
Source: Filtering Rules	String found in binary or memory: http://partners.etoro.com/
Source: Filtering Rules	String found in binary or memory: http://pityhostngco2.xyz/
Source: Filtering Rules	String found in binary or memory: http://play4k.co/
Source: Filtering Rules	String found in binary or memory: http://pokershibes.com/index.php?ref=
Source: Filtering Rules	String found in binary or memory: http://promos.bwin.com/
Source: Filtering Rules	String found in binary or memory: http://pubads.g.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: http://pwrads.net/
Source: Filtering Rules	String found in binary or memory: http://reallygoodlink.extremefreegames.com/
Source: Filtering Rules	String found in binary or memory: http://reallygoodlink.freehookupaffair.com/
Source: Filtering Rules	String found in binary or memory: http://record.betsafe.com/
Source: Filtering Rules	String found in binary or memory: http://record.sportsbetaffiliates.com.au/
Source: Filtering Rules	String found in binary or memory: http://refer.webhostingbuzz.com/
Source: Filtering Rules	String found in binary or memory: http://refpa.top/
Source: Filtering Rules	String found in binary or memory: http://refpaano.host/
Source: Filtering Rules	String found in binary or memory: http://rs-stripe.wsj.com/stripe/redirect
Source: Filtering Rules	String found in binary or memory: http://s5prou7ulr.com/
Source: Filtering Rules	String found in binary or memory: http://s9kkremkr0.com/
Source: Filtering Rules	String found in binary or memory: http://searchtabnew.com/
Source: Filtering Rules	String found in binary or memory: http://secure.cbdpure.com/aff/
Source: Filtering Rules	String found in binary or memory: http://secure.hostgator.com/~affiliat/
Source: Filtering Rules	String found in binary or memory: http://secure.signup-page.com/
Source: Filtering Rules	String found in binary or memory: http://secure.vivid.com/track/
Source: Filtering Rules	String found in binary or memory: http://see-work.info/
Source: Filtering Rules	String found in binary or memory: http://see.kmisln.com/
Source: Filtering Rules	String found in binary or memory: http://semi-cod.com/clicks/
Source: Filtering Rules	String found in binary or memory: http://serve.williamhill.com/promoRedirect?
Source: Filtering Rules	String found in binary or memory: http://server.cpmstar.com/click.aspx?poolid=
Source: Filtering Rules	String found in binary or memory: http://servicegetbook.net/
Source: Filtering Rules	String found in binary or memory: http://sharesuper.info/
Source: Filtering Rules	String found in binary or memory: http://spygasm.com/track?
Source: Filtering Rules	String found in binary or memory: http://srvpub.com/
Source: Filtering Rules	String found in binary or memory: http://stateresolver.link/
Source: Filtering Rules	String found in binary or memory: http://static.fleshlight.com/images/banners/
Source: Filtering Rules	String found in binary or memory: http://syndication.exoclick.com/
Source: Filtering Rules	String found in binary or memory: http://t.wowtrk.com/
Source: Filtering Rules	String found in binary or memory: http://tc.tradetracker.net/
Source: Filtering Rules	String found in binary or memory: http://tezfiles.com/pr/
Source: Filtering Rules	String found in binary or memory: http://tour.mrskin.com/
Source: Filtering Rules	String found in binary or memory: http://track.afcpatrk.com/
Source: Filtering Rules	String found in binary or memory: http://track.trkvluum.com/
Source: Filtering Rules	String found in binary or memory: http://tracking.deltamediallc.com/
Source: Filtering Rules	String found in binary or memory: http://traffic.tc-clicks.com/
Source: Filtering Rules	String found in binary or memory: http://trafficare.net/
Source: Filtering Rules	String found in binary or memory: http://trk.mdrtrck.com/
Source: Filtering Rules	String found in binary or memory: http://ucam.xxx/?utm_
Source: Filtering Rules	String found in binary or memory: http://ul.to/ref/
Source: Filtering Rules	String found in binary or memory: http://uploaded.net/ref/
Source: Filtering Rules	String found in binary or memory: http://us.marketgid.com
Source: Filtering Rules	String found in binary or memory: http://vinfdv6b4j.com/
Source: Filtering Rules	String found in binary or memory: http://vo2.qrlsx.com/
Source: Filtering Rules	String found in binary or memory: http://wct.link/
Source: Filtering Rules	String found in binary or memory: http://web.adblade.com/
Source: Filtering Rules	String found in binary or memory: http://webgirlz.online/landing/
Source: Filtering Rules	String found in binary or memory: http://websitedhoome.com/
Source: Filtering Rules	String found in binary or memory: http://webtrackerplus.com/
Source: Filtering Rules	String found in binary or memory: http://wgpartner.com/
Source: Filtering Rules	String found in binary or memory: http://wopertific.info/
Source: Filtering Rules	String found in binary or memory: http://www.123-reg.co.uk/affiliate2.cgi
Source: Filtering Rules	String found in binary or memory: http://www.1clickdownloader.com/
Source: Filtering Rules	String found in binary or memory: http://www.FriendlyDuck.com/
Source: Filtering Rules	String found in binary or memory: http://www.TwinPlan.com/AF_
Source: Filtering Rules	String found in binary or memory: http://www.adbrite.com/mb/commerce/purchase_form.php?
Source: Filtering Rules	String found in binary or memory: http://www.adskeeper.co.uk/
Source: Filtering Rules	String found in binary or memory: http://www.adultdvdempire.com/?partner_id=
Source: Filtering Rules	String found in binary or memory: http://www.adultempire.com/unlimited/promo?
Source: Filtering Rules	String found in binary or memory: http://www.advcashpro.com/aff/
Source: Filtering Rules	String found in binary or memory: http://www.adxpansion.com
Source: Filtering Rules	String found in binary or memory: http://www.affiliates1128.com/processing/
Source: Filtering Rules	String found in binary or memory: http://www.afgr2.com/
Source: Filtering Rules	String found in binary or memory: http://www.afgr3.com/
Source: Filtering Rules	String found in binary or memory: http://www.amazon.co.uk/exec/obidos/external-search?
Source: Filtering Rules	String found in binary or memory: http://www.babylon.com/welcome/index?affID
Source: Filtering Rules	String found in binary or memory: http://www.badoink.com/go.php?
Source: Filtering Rules	String found in binary or memory: http://www.bet365.com/
Source: Filtering Rules	String found in binary or memory: http://www.bitlord.me/share/
Source: Filtering Rules	String found in binary or memory: http://www.bluehost.com/track/
Source: Filtering Rules	String found in binary or memory: http://www.cdjapan.co.jp/aff/click.cgi/
Source: Filtering Rules	String found in binary or memory: http://www.clkads.com/adServe/
Source: Filtering Rules	String found in binary or memory: http://www.coiwqe.site/
Source: Filtering Rules	String found in binary or memory: http://www.dealcent.com/register.php?affid=
Source: Filtering Rules	String found in binary or memory: http://www.dl-provider.com/search/
Source: Filtering Rules	String found in binary or memory: http://www.down1oads.com/
Source: Filtering Rules	String found in binary or memory: http://www.download-provider.org/
Source: Filtering Rules	String found in binary or memory: http://www.downloadplayer1.com/
Source: Filtering Rules	String found in binary or memory: http://www.downloadthesefiles.com/
Source: Filtering Rules	String found in binary or memory: http://www.downloadweb.org/
Source: Filtering Rules	String found in binary or memory: http://www.easydownloadnow.com/
Source: Filtering Rules	String found in binary or memory: http://www.fbooksluts.com/
Source: Filtering Rules	String found in binary or memory: http://www.firstclass-download.com/
Source: Filtering Rules	String found in binary or memory: http://www.firstload.com/affiliate/
Source: Filtering Rules	String found in binary or memory: http://www.firstload.de/affiliate/
Source: Filtering Rules	String found in binary or memory: http://www.flashx.tv/downloadthis
Source: Filtering Rules	String found in binary or memory: http://www.fleshlight.com/
Source: Filtering Rules	String found in binary or memory: http://www.fonts.com/BannerScript/
Source: Filtering Rules	String found in binary or memory: http://www.fpcTraffic2.com/blind/in.cgi?
Source: Filtering Rules	String found in binary or memory: http://www.freefilesdownloader.com/
Source: Filtering Rules	String found in binary or memory: http://www.friendlyadvertisements.com/
Source: Filtering Rules	String found in binary or memory: http://www.friendlyduck.com/AF_
Source: Filtering Rules	String found in binary or memory: http://www.friendlyquacks.com/
Source: Filtering Rules	String found in binary or memory: http://www.gamebookers.com/cgi-bin/intro.cgi?
Source: Filtering Rules	String found in binary or memory: http://www.getyourguide.com/?partner_id=
Source: Filtering Rules	String found in binary or memory: http://www.gfrevenge.com/landing/
Source: Filtering Rules	String found in binary or memory: http://www.graboid.com/affiliates/
Source: Filtering Rules	String found in binary or memory: http://www.greenmangaming.com/?tap_a=
Source: Filtering Rules	String found in binary or memory: http://www.hibids10.com/
Source: Filtering Rules	String found in binary or memory: http://www.hitcpm.com/
Source: Filtering Rules	String found in binary or memory: http://www.idownloadplay.com/
Source: Filtering Rules	String found in binary or memory: http://www.linkbucks.com/referral/
Source: Filtering Rules	String found in binary or memory: http://www.liutilities.com/
Source: Filtering Rules	String found in binary or memory: http://www.liversely.net/
Source: Filtering Rules	String found in binary or memory: http://www.menaon.com/installs/
Source: Filtering Rules	String found in binary or memory: http://www.mobileandinternetadvertising.com/
Source: Filtering Rules	String found in binary or memory: http://www.mrskin.com/tour
Source: Filtering Rules	String found in binary or memory: http://www.my-dirty-hobby.com/?sub=
Source: Filtering Rules	String found in binary or memory: http://www.myfreepaysite.com/sfw.php?aid
Source: Filtering Rules	String found in binary or memory: http://www.myfreepaysite.com/sfw_int.php?aid
Source: Filtering Rules	String found in binary or memory: http://www.mysuperpharm.com/
Source: Filtering Rules	String found in binary or memory: http://www.on2url.com/app/adtrack.asp
Source: Filtering Rules	String found in binary or memory: http://www.onclickmega.com/jump/next.php?
Source: Filtering Rules	String found in binary or memory: http://www.onwebcam.com/random?t_link=
Source: Filtering Rules	String found in binary or memory: http://www.paddypower.com/?AFF_ID=
Source: Filtering Rules	String found in binary or memory: http://www.pingperfect.com/aff.php
Source: Filtering Rules	String found in binary or memory: http://www.pinkvisualgames.com/?revid=
Source: Filtering Rules	String found in binary or memory: http://www.pinkvisualpad.com/?revid=
Source: Filtering Rules	String found in binary or memory: http://www.plus500.com/?id=
Source: Filtering Rules	String found in binary or memory: http://www.quick-torrent.com/download.html?aff
Source: Filtering Rules	String found in binary or memory: http://www.ragazzeinvendita.com/?rcid=
Source: Filtering Rules	String found in binary or memory: http://www.reimageplus.com
Source: Filtering Rules	String found in binary or memory: http://www.revenuehits.com/
Source: Filtering Rules	String found in binary or memory: http://www.roboform.com/php/land.php
Source: Filtering Rules	String found in binary or memory: http://www.securegfm.com/
Source: Filtering Rules	String found in binary or memory: http://www.seekbang.com/cs/
Source: Filtering Rules	String found in binary or memory: http://www.sexgangsters.com/?pid=
Source: Filtering Rules	String found in binary or memory: http://www.sfippa.com/
Source: Filtering Rules	String found in binary or memory: http://www.socialsex.com/
Source: Filtering Rules	String found in binary or memory: http://www.streamate.com/exports/
Source: Filtering Rules	String found in binary or memory: http://www.streamtunerhd.com/signup?
Source: Filtering Rules	String found in binary or memory: http://www.terraclicks.com/
Source: Filtering Rules	String found in binary or memory: http://www.text-link-ads.com/
Source: Filtering Rules	String found in binary or memory: http://www.tirerack.com/affiliates/
Source: Filtering Rules	String found in binary or memory: http://www.torntv-downloader.com/
Source: Filtering Rules	String found in binary or memory: http://www.twinplan.com/AF_
Source: Filtering Rules	String found in binary or memory: http://www.uniblue.com/cm/
Source: Filtering Rules	String found in binary or memory: http://www.urmediazone.com/signup
Source: Filtering Rules	String found in binary or memory: http://www.usearchmedia.com/signup?
Source: Filtering Rules	String found in binary or memory: http://www.wantstraffic.com/
Source: Filtering Rules	String found in binary or memory: http://www.webtrackerplus.com/
Source: Filtering Rules	String found in binary or memory: http://www.xmediaserve.com/
Source: Filtering Rules	String found in binary or memory: http://wxdownloadmanager.com/dl/
Source: Filtering Rules	String found in binary or memory: http://xads.zedo.com/
Source: Filtering Rules	String found in binary or memory: http://xtgem.com/click?
Source: Filtering Rules	String found in binary or memory: http://yads.zedo.com/
Source: Filtering Rules	String found in binary or memory: http://z1.zedo.com/
Source: Filtering Rules	String found in binary or memory: http://zevera.com/afi.html
Source: Filtering Rules	String found in binary or memory: https://a-ads.com/?partner=
Source: Filtering Rules	String found in binary or memory: https://a-ads.com/campaigns/
Source: Filtering Rules	String found in binary or memory: https://a.adtng.com/
Source: Filtering Rules	String found in binary or memory: https://a.bestcontentfood.top/
Source: Filtering Rules	String found in binary or memory: https://a.bestcontentoperation.top/
Source: Filtering Rules	String found in binary or memory: https://a.bestcontentweb.top/
Source: Filtering Rules	String found in binary or memory: https://a.montangop.top/
Source: Filtering Rules	String found in binary or memory: https://aaucwbe.com/
Source: Filtering Rules	String found in binary or memory: https://ad.atdmt.com/
Source: Filtering Rules	String found in binary or memory: https://ad.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: https://ad.zanox.com/ppc/
Source: Filtering Rules	String found in binary or memory: https://ad13.adfarm1.adition.com/
Source: Filtering Rules	String found in binary or memory: https://adclick.g.doubleclick.net/
Source: Filtering Rules	String found in binary or memory: https://adhealers.com/
Source: Filtering Rules	String found in binary or memory: https://adnetwrk.com/
Source: Filtering Rules	String found in binary or memory: https://ads-for-free.com/click.php?
Source: Filtering Rules	String found in binary or memory: https://ads.ad4game.com/
Source: Filtering Rules	String found in binary or memory: https://ads.betfair.com/redirect.aspx?
Source: Filtering Rules	String found in binary or memory: https://ads.cdn.live/
Source: Filtering Rules	String found in binary or memory: https://ads.leovegas.com/redirect.aspx?
Source: Filtering Rules	String found in binary or memory: https://ads.planetwin365affiliate.com/redirect.aspx?
Source: Filtering Rules	String found in binary or memory: https://ads.trafficpoizon.com/
Source: Filtering Rules	String found in binary or memory: https://adserver.adreactor.com/
Source: Filtering Rules	String found in binary or memory: https://adsrv4k.com/
Source: Filtering Rules	String found in binary or memory: https://adswick.com/
Source: Filtering Rules	String found in binary or memory: https://adultfriendfinder.com/go/page/landing
Source: Filtering Rules	String found in binary or memory: https://aff-ads.stickywilds.com/
Source: Filtering Rules	String found in binary or memory: https://affcpatrk.com/
Source: Filtering Rules	String found in binary or memory: https://affect3dnetwork.com/track/
Source: Filtering Rules	String found in binary or memory: https://affiliate.fastcomet.com/
Source: Filtering Rules	String found in binary or memory: https://affiliate.geekbuying.com/gkbaffiliate.php?
Source: Filtering Rules	String found in binary or memory: https://affiliates.bet-at-home.com/processing/
Source: Filtering Rules	String found in binary or memory: https://agacelebir.com/
Source: Filtering Rules	String found in binary or memory: https://ak.hetaruwg.com/
Source: Filtering Rules	String found in binary or memory: https://albionsoftwares.com/
Source: Filtering Rules	String found in binary or memory: https://americafirstpolls.com/
Source: Filtering Rules	String found in binary or memory: https://as.conjectwatson.com/
Source: Filtering Rules	String found in binary or memory: https://as.sexad.net/
Source: Filtering Rules	String found in binary or memory: https://ausoafab.net/
Source: Filtering Rules	String found in binary or memory: https://awbbjmp.com/
Source: Filtering Rules	String found in binary or memory: https://awecrptjmp.com/
Source: Filtering Rules	String found in binary or memory: https://awejmp.com/
Source: Filtering Rules	String found in binary or memory: https://awentw.com/
Source: Filtering Rules	String found in binary or memory: https://aweptjmp.com/
Source: Filtering Rules	String found in binary or memory: https://awptjmp.com/
Source: Filtering Rules	String found in binary or memory: https://axdsz.pro/
Source: Filtering Rules	String found in binary or memory: https://azpresearch.club/
Source: Filtering Rules	String found in binary or memory: https://badoinkvr.com/
Source: Filtering Rules	String found in binary or memory: https://bestcond1tions.com/
Source: Filtering Rules	String found in binary or memory: https://betway.com/
Source: Filtering Rules	String found in binary or memory: https://blackorange.go2cloud.org/
Source: Filtering Rules	String found in binary or memory: https://bluedelivery.pro/
Source: Filtering Rules	String found in binary or memory: https://bngpt.com/
Source: Filtering Rules	String found in binary or memory: https://bnsjb1ab1e.com/
Source: Filtering Rules	String found in binary or memory: https://bongacams10.com/track?
Source: Filtering Rules	String found in binary or memory: https://bongacams2.com/track?
Source: Filtering Rules	String found in binary or memory: https://bs.serving-sys.com
Source: Filtering Rules	String found in binary or memory: https://bullads.net/get/
Source: Filtering Rules	String found in binary or memory: https://burpee.xyz/
Source: Filtering Rules	String found in binary or memory: https://cagothie.net/
Source: Filtering Rules	String found in binary or memory: https://camfapr.com/landing/click/
Source: Filtering Rules	String found in binary or memory: https://cams.imagetwist.com/in/?track=
Source: Filtering Rules	String found in binary or memory: https://chaturbate.com/affiliates/
Source: Filtering Rules	String found in binary or memory: https://chaturbate.com/in/?tour=
Source: Filtering Rules	String found in binary or memory: https://chaturbate.com/in/?track=
Source: Filtering Rules	String found in binary or memory: https://chaturbate.jjgirls.com/?track=
Source: Filtering Rules	String found in binary or memory: https://chaturbate.xyz/
Source: Filtering Rules	String found in binary or memory: https://claring-loccelkin.com/
Source: Filtering Rules	String found in binary or memory: https://click.a-ads.com/
Source: Filtering Rules	String found in binary or memory: https://click.hoolig.app/
Source: Filtering Rules	String found in binary or memory: https://click.plista.com/pets
Source: Filtering Rules	String found in binary or memory: https://click2cvs.com/
Source: Filtering Rules	String found in binary or memory: https://clickadilla.com/
Source: Filtering Rules	String found in binary or memory: https://clicks.pipaffiliates.com/
Source: Filtering Rules	String found in binary or memory: https://clixtrac.com/
Source: Filtering Rules	String found in binary or memory: https://content.oneindia.com/www/delivery/
Source: Filtering Rules	String found in binary or memory: https://control.trafficfabrik.com/
Source: Filtering Rules	String found in binary or memory: https://cpartner.bdswiss.com/
Source: Filtering Rules	String found in binary or memory: https://cpmspace.com/
Source: Filtering Rules	String found in binary or memory: https://creacdn.top-convert.com/
Source: Filtering Rules	String found in binary or memory: https://dediseedbox.com/clients/aff.php?
Source: Filtering Rules	String found in binary or memory: https://deliver.ptgncdn.com/
Source: Filtering Rules	String found in binary or memory: https://deliver.tf2www.com/
Source: Filtering Rules	String found in binary or memory: https://delivery.porn.com/
Source: Filtering Rules	String found in binary or memory: https://detachedbates.com/
Source: Filtering Rules	String found in binary or memory: https://dianches-inchor.com/
Source: Filtering Rules	String found in binary or memory: https://dltags.com/
Source: Filtering Rules	String found in binary or memory: https://dooloust.net/
Source: Filtering Rules	String found in binary or memory: https://dynamicadx.com/
Source: Filtering Rules	String found in binary or memory: https://earandmarketing.com/
Source: Filtering Rules	String found in binary or memory: https://easygamepromo.com/ef/custom_affiliate/
Source: Filtering Rules	String found in binary or memory: https://engine.phn.doublepimp.com/
Source: Filtering Rules	String found in binary or memory: https://explore.findanswersnow.net/
Source: Filtering Rules	String found in binary or memory: https://fakelay.com/
Source: Filtering Rules	String found in binary or memory: https://farm.plista.com/pets
Source: Filtering Rules	String found in binary or memory: https://fast-redirecting.com/
Source: Filtering Rules	String found in binary or memory: https://fertilitycommand.com/
Source: Filtering Rules	String found in binary or memory: https://fileboom.me/pr/
Source: Filtering Rules	String found in binary or memory: https://financeads.net/tc.php?
Source: Filtering Rules	String found in binary or memory: https://fleshlight.sjv.io/
Source: Filtering Rules	String found in binary or memory: https://flirtaescopa.com/
Source: Filtering Rules	String found in binary or memory: https://fonts.fontplace9.com/
Source: Filtering Rules	String found in binary or memory: https://frameworkdeserve.com/
Source: Filtering Rules	String found in binary or memory: https://freeadult.games/
Source: Filtering Rules	String found in binary or memory: https://galaxyroms.net/?scr=
Source: Filtering Rules	String found in binary or memory: https://gamescarousel.com/
Source: Filtering Rules	String found in binary or memory: https://geniusdexchange.com/
Source: Filtering Rules	String found in binary or memory: https://gghf.mobi/
Source: Filtering Rules	String found in binary or memory: https://giftsale.co.uk/?utm_
Source: Filtering Rules	String found in binary or memory: https://glersakr.com/
Source: Filtering Rules	String found in binary or memory: https://go.247traffic.com/
Source: Filtering Rules	String found in binary or memory: https://go.4rabettraff.com/
Source: Filtering Rules	String found in binary or memory: https://go.ad2up.com/
Source: Filtering Rules	String found in binary or memory: https://go.admjmp.com/
Source: Filtering Rules	String found in binary or memory: https://go.affiliatexe.com/
Source: Filtering Rules	String found in binary or memory: https://go.alxbgo.com/
Source: Filtering Rules	String found in binary or memory: https://go.astutelinks.com/
Source: Filtering Rules	String found in binary or memory: https://go.cmrdr.com/
Source: Filtering Rules	String found in binary or memory: https://go.currency.com/
Source: Filtering Rules	String found in binary or memory: https://go.ebrokerserve.com/
Source: Filtering Rules	String found in binary or memory: https://go.etoro.com/
Source: Filtering Rules	String found in binary or memory: https://go.gldrdr.com/
Source: Filtering Rules	String found in binary or memory: https://go.goaserv.com/
Source: Filtering Rules	String found in binary or memory: https://go.goasrv.com/
Source: Filtering Rules	String found in binary or memory: https://go.hpyjmp.com/
Source: Filtering Rules	String found in binary or memory: https://go.hpyrdr.com/
Source: Filtering Rules	String found in binary or memory: https://go.julrdr.com/
Source: Filtering Rules	String found in binary or memory: https://go.markets.com/visit/?bta=
Source: Filtering Rules	String found in binary or memory: https://go.onclasrv.com/
Source: Filtering Rules	String found in binary or memory: https://go.strpjmp.com/
Source: Filtering Rules	String found in binary or memory: https://go.tmrjmp.com
Source: Filtering Rules	String found in binary or memory: https://go.trackitalltheway.com/
Source: Filtering Rules	String found in binary or memory: https://go.trkclick2.com/
Source: Filtering Rules	String found in binary or memory: https://go.xtbaffiliates.com/
Source: Filtering Rules	String found in binary or memory: https://go.xxxjmp.com
Source: Filtering Rules	String found in binary or memory: https://gogoman.me/
Source: Filtering Rules	String found in binary or memory: https://gohere.pl/
Source: Filtering Rules	String found in binary or memory: https://googleads.g.doubleclick.net/pcs/click
Source: Filtering Rules	String found in binary or memory: https://goraps.com/
Source: Filtering Rules	String found in binary or memory: https://graizoah.com/
Source: Filtering Rules	String found in binary or memory: https://horny-pussies.com/tds
Source: Filtering Rules	String found in binary or memory: https://iac.ampxdirect.com/
Source: Filtering Rules	String found in binary or memory: https://iactrivago.ampxdirect.com/
Source: Filtering Rules	String found in binary or memory: https://incisivetrk.cvtr.io/click?
Source: Filtering Rules	String found in binary or memory: https://infinitytrk.com/
Source: Filtering Rules	String found in binary or memory: https://intenseaffiliates.com/redirect/
Source: Filtering Rules	String found in binary or memory: https://intrev.co/
Source: Filtering Rules	String found in binary or memory: https://iqbroker.com/
Source: Filtering Rules	String found in binary or memory: https://ismlks.com/
Source: Filtering Rules	String found in binary or memory: https://jmp.awempire.com/
Source: Filtering Rules	String found in binary or memory: https://join.dreamsexworld.com/
Source: Filtering Rules	String found in binary or memory: https://join.girlsoutwest.com/
Source: Filtering Rules	String found in binary or memory: https://join.playboyplus.com/track/
Source: Filtering Rules	String found in binary or memory: https://join.sexworld3d.com/track/
Source: Filtering Rules	String found in binary or memory: https://join.virtuallust3d.com/
Source: Filtering Rules	String found in binary or memory: https://join.virtualtaboo.com/track/
Source: Filtering Rules	String found in binary or memory: https://join3.bannedsextapes.com
Source: Filtering Rules	String found in binary or memory: https://juicyads.in/
Source: Filtering Rules	String found in binary or memory: https://k2s.cc/pr/
Source: Filtering Rules	String found in binary or memory: https://keep2share.cc/pr/
Source: Filtering Rules	String found in binary or memory: https://land.brazzersnetwork.com/landing/
Source: Filtering Rules	String found in binary or memory: https://land.rk.com/landing/
Source: Filtering Rules	String found in binary or memory: https://landing.brazzersnetwork.com/
Source: Filtering Rules	String found in binary or memory: https://landing.brazzersplus.com/
Source: Filtering Rules	String found in binary or memory: https://landing1.brazzersnetwork.com
Source: Filtering Rules	String found in binary or memory: https://lead1.pl/
Source: Filtering Rules	String found in binary or memory: https://leg.xyz/?track=
Source: Filtering Rules	String found in binary or memory: https://look.utndln.com/
Source: Filtering Rules	String found in binary or memory: https://m.do.co/c/
Source: Filtering Rules	String found in binary or memory: https://maymooth-stopic.com/
Source: Filtering Rules	String found in binary or memory: https://mcdlks.com/
Source: Filtering Rules	String found in binary or memory: https://mediaserver.entainpartners.com/renderBanner.do?
Source: Filtering Rules	String found in binary or memory: https://mediaserver.gvcaffiliates.com/renderBanner.do?
Source: Filtering Rules	String found in binary or memory: https://mylead.global/stl/
Source: Filtering Rules	String found in binary or memory: https://mypillow.com/
Source: Filtering Rules	String found in binary or memory: https://r.kraken.com/
Source: Filtering Rules	String found in binary or memory: https://rapidgator.net/article/premium/ref/
Source: Filtering Rules	String found in binary or memory: https://secure.bmtmicro.com/servlets/
Source: Filtering Rules	String found in binary or memory: https://shiftnetwork.infusionsoft.com/go/
Source: Filtering Rules	String found in binary or memory: https://shrugartisticelder.com
Source: Filtering Rules	String found in binary or memory: https://stvkr.com/
Source: Filtering Rules	String found in binary or memory: https://t.ajrkm.link/
Source: Filtering Rules	String found in binary or memory: https://totlnkcl.com/
Source: Filtering Rules	String found in binary or memory: https://track.fiverr.com/visit/
Source: Filtering Rules	String found in binary or memory: https://traffserve.com/
Source: Filtering Rules	String found in binary or memory: https://v.investologic.co.uk/
Source: Filtering Rules	String found in binary or memory: https://wct.link/
Source: Filtering Rules	String found in binary or memory: https://www.dcpodj3k5.com/
Source: Filtering Rules	String found in binary or memory: https://www.hostg.xyz/aff_c
Source: Filtering Rules	String found in binary or memory: https://www.mypillow.com/
Source: Filtering Rules	String found in binary or memory: https://www.reimageplus.com/
Source: Filtering Rules	String found in binary or memory: https://www.restoro.com/
Source: Filtering Rules	String found in binary or memory: https://www.targetingpartner.com/
Source: Filtering Rules	String found in binary or memory: https://zone.gotrackier.com/

Source: classification engine

Classification label: mal48.win@0/0@0/0

Source: Filtering Rules

Static file information: File size 1850055 > 1048576

Mitre Att&ck Matrix

⊘No Mitre Att&ck techniques found

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
Filtering Rules	0%	ReversingLabs

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
http://www.freefilesdownloader.com/	0%	Avira URL Cloud	safe
https://iactrivago.ampxdirect.com/	0%	Avira URL Cloud	safe
http://join.rodneymoore.com/	0%	Avira URL Cloud	safe
https://gamescarousel.com/	100%	Avira URL Cloud	malware
https://cpmspace.com/	0%	Avira URL Cloud	safe
http://record.betsafe.com/	0%	Avira URL Cloud	safe
http://ad-apac.doubleclick.net/	0%	Avira URL Cloud	safe
http://www.onclickmega.com/jump/next.php?	100%	Avira URL Cloud	malware
http://see-work.info/	0%	Avira URL Cloud	safe
https://traffserve.com/	0%	Avira URL Cloud	safe
http://www.linkbucks.com/referral/	0%	Avira URL Cloud	safe
http://go.ad2up.com/	0%	Avira URL Cloud	safe
http://www.sexgangsters.com/?pid=	0%	Avira URL Cloud	safe
http://papi.mynativeplatform.com:80/pub2/	0%	Avira URL Cloud	safe
http://www.affiliates1128.com/processing/	0%	Avira URL Cloud	safe
http://www.flashx.tv/downloadthis	0%	Avira URL Cloud	safe
http://reallygoodlink.freehookupaffair.com/	0%	Avira URL Cloud	safe
http://www.friendlyduck.com/AF_	0%	Avira URL Cloud	safe
https://m.do.co/c/	0%	Avira URL Cloud	safe
https://ads.planetwin365affiliate.com/redirect.aspx?	0%	Avira URL Cloud	safe
http://install.securewebsiteaccess.com/	0%	Avira URL Cloud	safe
https://gohere.pl/	0%	Avira URL Cloud	safe
http://affiliates.thrixxx.com/	0%	Avira URL Cloud	safe
http://servicegetbook.net/	0%	Avira URL Cloud	safe
http://greensmoke.com/	0%	Avira URL Cloud	safe
http://www.downloadweb.org/	0%	Avira URL Cloud	safe
http://adprovider.adlure.net/	0%	Avira URL Cloud	safe
http://www.graboid.com/affiliates/	0%	Avira URL Cloud	safe
http://360ads.go2cloud.org/	0%	Avira URL Cloud	safe
https://v.investologic.co.uk/	0%	Avira URL Cloud	safe
https://ads.trafficpoizon.com/	0%	Avira URL Cloud	safe
http://engine.newsmaxfeednetwork.com/	0%	Avira URL Cloud	safe
https://albionsoftwares.com/	100%	Avira URL Cloud	malware
https://cpartner.bdswiss.com/	0%	Avira URL Cloud	safe
https://dianches-inchor.com/	0%	Avira URL Cloud	safe
http://adsrv.keycaptcha.com	0%	Avira URL Cloud	safe
https://americafirstpolls.com/	0%	Avira URL Cloud	safe
http://join3.bannedsextapes.com/track/	0%	Avira URL Cloud	safe
https://burpee.xyz/	0%	Avira URL Cloud	safe
https://badoinkvr.com/	0%	Avira URL Cloud	safe
http://vinfdv6b4j.com/	0%	Avira URL Cloud	safe
http://findersocket.com/	0%	Avira URL Cloud	safe
http://ffxitrack.com/	0%	Avira URL Cloud	safe
https://adnetwrk.com/	0%	Avira URL Cloud	safe
http://hotcandyland.com/partner/	0%	Avira URL Cloud	safe
http://affiliates.pinnaclesports.com/processing/	0%	Avira URL Cloud	safe
http://elitefuckbook.com/	0%	Avira URL Cloud	safe
https://bestcond1tions.com/	0%	Avira URL Cloud	safe
http://www.friendlyquacks.com/	0%	Avira URL Cloud	safe
https://land.rk.com/landing/	0%	Avira URL Cloud	safe
http://join.shemalesfromhell.com/	0%	Avira URL Cloud	safe
http://pityhostngco2.xyz/	100%	Avira URL Cloud	malware
https://join.sexworld3d.com/track/	0%	Avira URL Cloud	safe
http://secure.hostgator.com/~affiliat/	0%	Avira URL Cloud	safe
http://www.onwebcam.com/random?t_link=	0%	Avira URL Cloud	safe
https://adswick.com/	0%	Avira URL Cloud	safe
http://dftrck.com/	0%	Avira URL Cloud	safe
http://cdn.adstract.com/	0%	Avira URL Cloud	safe
http://www.firstload.de/affiliate/	0%	Avira URL Cloud	safe
http://enter.anabolic.com/track/	0%	Avira URL Cloud	safe
http://zevera.com/afi.html	0%	Avira URL Cloud	safe
https://jmp.awempire.com/	0%	Avira URL Cloud	safe
http://www.text-link-ads.com/	0%	Avira URL Cloud	safe
https://fast-redirecting.com/	100%	Avira URL Cloud	malware
http://clkmon.com/adServe/	0%	Avira URL Cloud	safe
https://clixtrac.com/	0%	Avira URL Cloud	safe
http://www.TwinPlan.com/AF_	0%	Avira URL Cloud	safe
http://www.mysuperpharm.com/	0%	Avira URL Cloud	safe
https://chaturbate.jjgirls.com/?track=	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

⊘No contacted domains info

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://k2s.cc/pr/	Filtering Rules	false		high
https://clicks.pipaffiliates.com/	Filtering Rules	false		high
https://iactrivago.ampxdirect.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://landing1.brazzersnetwork.com	Filtering Rules	false		high
http://see-work.info/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://record.betsafe.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://financeads.net/tc.php?	Filtering Rules	false		high
http://adclick.g.doubleclick.net/	Filtering Rules	false		high
http://ad-apac.doubleclick.net/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://gamescarousel.com/	Filtering Rules	false	Avira URL Cloud: malware	unknown
https://go.strpjmp.com/	Filtering Rules	false		high
http://join.rodneymoore.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://traffserve.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://cpmspace.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.onclickmega.com/jump/next.php?	Filtering Rules	false	Avira URL Cloud: malware	unknown
https://clickadilla.com/	Filtering Rules	false		high
http://www.freefilesdownloader.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.plus500.com/?id=	Filtering Rules	false		high
http://papi.mynativeplatform.com:80/pub2/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://adf.ly/?id=	Filtering Rules	false		high
https://www.reimageplus.com/	Filtering Rules	false		high
http://www.linkbucks.com/referral/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://homemoviestube.com/	Filtering Rules	false		high
http://go.ad2up.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.sexgangsters.com/?pid=	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://bcp.crwdcntrl.net/	Filtering Rules	false		high
https://m.do.co/c/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://adserver.adtechus.com/	Filtering Rules	false		high
http://reallygoodlink.freehookupaffair.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://ads.cdn.live/	Filtering Rules	false		high
https://as.sexad.net/	Filtering Rules	false		high
http://www.affiliates1128.com/processing/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://wct.link/	Filtering Rules	false		high
http://www.friendlyduck.com/AF_	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.flashx.tv/downloadthis	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://ad.yieldmanager.com/	Filtering Rules	false		high
https://ads.planetwin365affiliate.com/redirect.aspx?	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://install.securewebsiteaccess.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://geniusdexchange.com/	Filtering Rules	false		high
https://gohere.pl/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://affiliates.thrixxx.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://adprovider.adlure.net/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://bc.vc/?r=	Filtering Rules	false		high
https://ads.betfair.com/redirect.aspx?	Filtering Rules	false		high
http://greensmoke.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.bluehost.com/track/	Filtering Rules	false		high
http://servicegetbook.net/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.downloadweb.org/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.graboid.com/affiliates/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://360ads.go2cloud.org/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://v.investologic.co.uk/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://ads.trafficpoizon.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://go.goasrv.com/	Filtering Rules	false		high
https://albionsoftwares.com/	Filtering Rules	false	Avira URL Cloud: malware	unknown
http://engine.newsmaxfeednetwork.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://cpartner.bdswiss.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://adsrv.keycaptcha.com	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://dianches-inchor.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://join3.bannedsextapes.com/track/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://americafirstpolls.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://badoinkvr.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://burpee.xyz/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://syndication.exoclick.com/	Filtering Rules	false		high
http://www.tirerack.com/affiliates/	Filtering Rules	false		high
http://findersocket.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://vinfdv6b4j.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://ffxitrack.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://adnetwrk.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://hotcandyland.com/partner/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://ad.doubleclick.net/	Filtering Rules	false		high
http://affiliates.pinnaclesports.com/processing/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://land.rk.com/landing/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://elitefuckbook.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://ad-emea.doubleclick.net/	Filtering Rules	false		high
http://www.friendlyquacks.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://bestcond1tions.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://join.sexworld3d.com/track/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://join.shemalesfromhell.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://secure.hostgator.com/~affiliat/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://pityhostngco2.xyz/	Filtering Rules	false	Avira URL Cloud: malware	unknown
http://server.cpmstar.com/click.aspx?poolid=	Filtering Rules	false		high
http://www.onwebcam.com/random?t_link=	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://adswick.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://enter.anabolic.com/track/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.firstload.de/affiliate/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://dftrck.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://cdn.adstract.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://marketgid.com	Filtering Rules	false		high
https://chaturbate.com/in/?track=	Filtering Rules	false		high
http://zevera.com/afi.html	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://click.hoolig.app/	Filtering Rules	false		high
https://jmp.awempire.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.text-link-ads.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://fast-redirecting.com/	Filtering Rules	false	Avira URL Cloud: malware	unknown
http://clkmon.com/adServe/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.mysuperpharm.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://clixtrac.com/	Filtering Rules	false	Avira URL Cloud: safe	unknown
http://www.mrskin.com/tour	Filtering Rules	false		high
http://www.TwinPlan.com/AF_	Filtering Rules	false	Avira URL Cloud: safe	unknown
https://chaturbate.jjgirls.com/?track=	Filtering Rules	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

⊘No contacted IP infos

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1586205
Start date and time:	2025-01-08 20:39:30 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 1m 28s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	0
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	Filtering Rules
Detection:	MAL
Classification:	mal48.win@0/0@0/0
Cookbook Comments:	Unable to launch sample, stop analysis

Errors

No process behavior to analyse as no analysis process or sample was found
Corrupt sample or wrongly selected analyzer. Details: invalid parameter

Warnings

VT rate limit hit for: Filtering Rules

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

⊘No created / dropped files found

Static File Info

General

File type:	data
Entropy (8bit):	5.679579246502512
TrID:
File name:	Filtering Rules
File size:	1'850'055 bytes
MD5:	a97ea939d1b6d363d1a41c4ab55b9ecb
SHA1:	3669e6477eddf2521e874269769b69b042620332
SHA256:	97115a369f33b66a7ffcfb3d67c935c1e7a24fc723bb8380ad01971c447cfa9f
SHA512:	399cb37e5790effcd4d62b9b09f706c4fb19eb2ab220f1089698f1e1c6f1efdd2f55d9f4c6d58ddbcc64d7a7cf689ab0dbbfae52ce96d5baa53c43775e018279
SSDEEP:	24576:y+DPoZGeOT4JQm1zX3nJhS33dpuaQcLzNPNPCoMB50TcpdGGi:FAZxu3dplQcxNPCoMB50TcpYGi
TLSH:	0185D7137929FEB11BB22F6D98079D08C138A3F083D7ECC6EA27D11DD1E164EB9505A9
File Content Preview:	............0.8.@.R.&action=getads&..........0.8.@.R.&ad_code=..........0.8.@.R.&ad_height=..........0.8.@.R.&ad_ids=..........0.8.@.R.&ad_network_..........0.8.@.R.&ad_slot=..........0.8.@.R.&ad_sub=..........0.8.@.R.&ad_system=..........0.8.@.R.&ad_time

File Icon


Icon Hash:	72e2a2a292a2a2b2

Network Behavior

⊘No network behavior found

Statistics

⊘No statistics

System Behavior

⊘No system behavior

Disassembly

⊘No disassembly

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report Filtering Rules

Overview

General Information

Detection

Signatures

Classification

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

URLs from Memory and Binaries

World Map of Contacted IPs

General Information

Errors

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Network Behavior

Statistics

System Behavior

Disassembly

Windows Analysis Report
Filtering Rules