BatchID0928580688_BILLPay ACHWIRE 89e525126be8edf88b5459a83c829446.msg

Status: finished

Submission Time: 2025-03-04 16:58:18 +01:00

Malicious

Phishing

HTMLPhisher, Invisible JS

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 76	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IP	Country	Detection
188.114.96.3	European Union
20.189.173.16	United States
104.17.25.14	United States
Click to see the 17 hidden entries
172.217.16.196	United States
52.123.131.14	United States
142.250.184.227	United States
142.250.186.110	United States
142.250.185.163	United States
239.255.255.250	Reserved
142.250.181.227	United States
104.17.24.14	United States
151.101.2.137	United States
104.21.80.1	United States
104.18.95.41	United States
104.21.64.1	United States
172.217.18.14	United States
52.109.68.130	United States
74.125.133.84	United States
216.58.206.74	United States
1.1.1.1	Australia

Name	IP	Detection
hu.felmoq7rc.com	188.114.96.3
code.jquery.com	151.101.2.137
cdnjs.cloudflare.com	104.17.25.14
Click to see the 4 hidden entries
challenges.cloudflare.com	104.18.95.41
www.google.com	172.217.16.196
s-0005.dual-s-dc-msedge.net	52.123.131.14
7rm2cu.xvfzhzri.ru	104.21.80.1

Name	Detection
file:///C:/Users/user/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/P5R1IMYE/0928580688PAYTbconsulting.svg
https://hu.felmoq7rc.com/CNbP/?e=mmanchion@tbconsulting.com
https://code.jquery.com/jquery-3.6.0.min.js
Click to see the 4 hidden entries
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
https://7rm2cu.xvfzhzri.ru/pani$ubvvpy
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.js

No malicious files found. See full and IOC report for all dropped files.

BatchID0928580688_BILLPay ACHWIRE 89e525126be8edf88b5459a83c829446.msg Options