Windows
Analysis Report
https://hnt.zkg.mybluehost.me/CA/LET
Overview
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 2932 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6732 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1996,i,7815844777174740821,7351460656353072926,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7160 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://hnt.zkg.mybluehost.me/CA/LET" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
 | JoeSecurity_HtmlPhish_34 | Yara detected HtmlPhish_34 | Joe Security | |
Phishing |
---|
Source: | LLM: |
Source: | File source: |
Source: | Matcher: |
Source: | HTTP Parser: |
Source: | Directory created: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Process created: |
Source: | Window detected: |
Persistence and Installation Behavior |
---|
Source: | LLM: |
Source: | File created: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 3 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
cdnjs.cloudflare.com | 104.17.25.14 | true | false | unknown | |
hnt.zkg.mybluehost.me | 50.6.153.248 | true | true | unknown | |
www.google.com | 142.250.184.196 | true | false | unknown | |
cdn.lr-in.com | 104.21.234.145 | true | false | unknown | |
dispatching-centre.lasamericascargo.com | 135.181.58.223 | true | false | unknown | |
api.livechatinc.com | unknown | unknown | false | unknown | |
cdn.livechatinc.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
 | true | unknown | |
 | true | unknown | |
 | true | unknown | |
 | true | unknown | |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
23.38.98.94 | unknown | United States | 16625 | AKAMAI-ASUS | false |
142.250.186.174 | unknown | United States | 15169 | GOOGLEUS | false |
104.21.234.145 | cdn.lr-in.com | United States | 13335 | CLOUDFLARENETUS | false |
95.101.111.159 | unknown | European Union | 12956 | TELEFONICATELXIUSES | false |
23.38.98.79 | unknown | United States | 16625 | AKAMAI-ASUS | false |
142.250.186.132 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.184.206 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.186.138 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.184.195 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.184.196 | www.google.com | United States | 15169 | GOOGLEUS | false |
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false |
108.177.15.84 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.186.163 | unknown | United States | 15169 | GOOGLEUS | false |
172.217.18.4 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.185.132 | unknown | United States | 15169 | GOOGLEUS | false |
50.6.153.248 | hnt.zkg.mybluehost.me | United States | 46606 | UNIFIEDLAYER-AS-1US | true |
135.181.58.223 | dispatching-centre.lasamericascargo.com | Germany | 24940 | HETZNER-ASDE | false |
142.250.186.106 | unknown | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.250.185.131 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.185.195 | unknown | United States | 15169 | GOOGLEUS | false |
172.217.16.195 | unknown | United States | 15169 | GOOGLEUS | false |
95.101.111.161 | unknown | European Union | 12956 | TELEFONICATELXIUSES | false |
104.17.25.14 | cdnjs.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.16 |
192.168.2.4 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1529180 |
Start date and time: | 2024-10-08 17:58:27 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://hnt.zkg.mybluehost.me/CA/LET |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: | |
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal64.phis.win@19/43@30/245 |
- Exclude process from analysis (whitelisted): svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.184.206, 108.177.15.84, 34.104.35.123, 142.250.185.195, 23.38.98.79, 23.38.98.94, 88.221.110.91, 95.101.111.159, 95.101.111.146, 95.101.111.174, 142.250.185.131, 142.250.186.106, 142.250.186.138, 216.58.206.74, 142.250.186.170, 142.250.186.74, 142.250.185.234, 172.217.16.202, 142.250.186.42, 216.58.212.170, 172.217.16.138, 142.250.185.138, 142.250.181.234, 172.217.23.106, 142.250.184.234, 142.250.184.202, 172.217.18.10, 95.101.111.161, 142.250.184.195
- Excluded domains from analysis (whitelisted): e39296.b.akamaiedge.net, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, e39296.f.akamaiedge.net, content-autofill.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, www.gstatic.com, cdn.livechat.com.edgekey.net, api.livechat.com.edgekey.net
- Not all processes were analyzed; the report is missing behavior information
- VT rate limit hit for: https://hnt.zkg.mybluehost.me/CA/LET
Input | Output |
---|---|
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "brand":["DHL"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "text":"Why this process?", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "brand":["DHL"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":true, "has_urgent_text":false, "text":"I'm not a robot", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "brand":["DHL"], "contains_trigger_text":true, "trigger_text":"Select all images with traffic lights", "prominent_button_name":"VERIFY", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":true, "has_urgent_text":false, "text":"Select all images with traffic lights", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "brand":["DHL"], "contains_trigger_text":true, "trigger_text":"Select all images with traffic lights", "prominent_button_name":"VERIFY", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":true, "has_urgent_text":false, "text":"Select all images with traffic lights", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "brand":["DHL"], "contains_trigger_text":true, "trigger_text":"Select all images with traffic lights", "prominent_button_name":"VERIFY", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":true, "has_urgent_text":false, "text":"I'm not a robot reCAPTCHA Privacy - Terms Why this process?", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "brand":["DHL"], "contains_trigger_text":true, "trigger_text":"Select all images with traffic lights", "prominent_button_name":"VERIFY", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":true, "has_urgent_text":false, "text":"I'm not a robot reCAPTCHA Privacy - Terms Why this process?", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "phishing_score":9, "brands":"DHL", "legit_domain":"dhl.com", "classification":"wellknown", "reasons":["The brand 'DHL' is a well-known international logistics company.", "The legitimate domain for DHL is 'dhl.com'.", "The provided URL 'hnt.zkg.mybluehost.me' does not match the legitimate domain for DHL.", "The URL uses a subdomain structure that is not associated with DHL.", "The domain 'mybluehost.me' suggests a hosting service, which is often used for phishing attempts.", "There is no direct association between the URL and the DHL brand."], "brand_matches":[false], "url_match":false, "brand_input":"DHL", "input_fields":"unknown"} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "phishing_score":9, "brands":"DHL", "legit_domain":"dhl.com", "classification":"wellknown", "reasons":["The brand 'DHL' is a well-known international logistics company.", "The legitimate domain for DHL is 'dhl.com'.", "The provided URL 'hnt.zkg.mybluehost.me' does not match the legitimate domain for DHL.", "The URL uses a subdomain structure that is not associated with DHL.", "The domain 'mybluehost.me' suggests a hosting service, which is often used for phishing attempts.", "There is no direct association between the URL and the DHL brand."], "brand_matches":[false], "url_match":false, "brand_input":"DHL", "input_fields":"unknown"} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "phishing_score":9, "brands":"DHL", "legit_domain":"dhl.com", "classification":"wellknown", "reasons":["The brand 'DHL' is a well-known international logistics company.", "The legitimate domain for DHL is 'dhl.com'.", "The provided URL 'hnt.zkg.mybluehost.me' does not match the legitimate domain for DHL.", "The URL uses a subdomain structure that is not associated with DHL.", "The domain 'mybluehost.me' suggests a hosting service, which is often used for phishing attempts.", "There is no direct association between the brand DHL and the domain 'mybluehost.me'."], "brand_matches":[false], "url_match":false, "brand_input":"DHL", "input_fields":"unknown"} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/ Model: jbxai | { "phishing_score":9, "brands":"DHL", "legit_domain":"dhl.com", "classification":"wellknown", "reasons":["The brand 'DHL' is a well-known international logistics company.", "The legitimate domain for DHL is 'dhl.com'.", "The provided URL 'hnt.zkg.mybluehost.me' does not match the legitimate domain for DHL.", "The URL contains multiple subdomains and a domain that is not associated with DHL, which is suspicious.", "The use of 'mybluehost.me' suggests a hosting service, which is often used for phishing attempts."], "brand_matches":[false], "url_match":false, "brand_input":"DHL", "input_fields":"unknown"} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/home.php?enc=216cebe87e59f7d733a55cb34caac745&p=0&dispatch=2e859a3c5bf05618f3198065172f3e675b61b5f7 Model: jbxai | { "brand":["DHL"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "text":"End of Day, Full Shipment Protection, Box 2 DHL - 1 piece - 1 (34 x 18 x 10), Shipping Date: Tue, Oct, 2024, Shipping: a 3.57, Meeting: Fri, Oct, 2024, Delivered by: End of Day, WORLDWIDE EXPRESS, Fri, Oct, 2024 - End of Day, Volumetric Weight 1.2 kg, Taxable Weight 1.3, Total Weight 2.5 kg, Transportation Fees: USD 1, 73, Local Delivery: USD 0, 70, Emergency Situation: USD 1, 14, Total: USD 3, 57, Address, First Name, Last Name, Email Address, Address, Postal Code, City, State", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/cc.php Model: jbxai | { "brand":["DHL"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Pay with PayPal", "text_input_field_labels":["Card Number", "Expiration Date", "PIN Code"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "text":"End of Day Box 2 DHL - 1 piece - 1 (34 x 18 x 10) Shipping Date: Tue, Oct, 2024 Shipping: a 3.57 Meeting: Fri, Oct, 2024 Delivered by: End of Day WORLDWIDE EXPRESS Fri, Oct, 2024 - End of Day Volumetric Weight 1.2 kg Taxable Weight 1.3 Total Weight 2, 5 kg Transportation Fees: USD 2, 73 Local Delivery: USD 0, 70 Emergency Situation: USD 0, 14 Total USD 3, 57 Payment Form Choose Payment Method Pay with PayPal Card Number 1234 1234 1234 1234 Expiration Date MM/YY CVV 123 PIN Code", "has_visible_qrcode":false} |
URL: https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/cc.php Model: jbxai | { "phishing_score":9, "brands":"DHL", "legit_domain":"dhl.com", "classification":"wellknown", "reasons":["The brand 'DHL' is a well-known international logistics company.", "The legitimate domain for DHL is 'dhl.com'.", "The provided URL 'hnt.zkg.mybluehost.me' does not match the legitimate domain for DHL.", "The URL uses a subdomain structure that is not associated with DHL.", "The domain 'mybluehost.me' suggests a hosting service, which is often used for phishing attempts.", "Presence of input fields for sensitive information like 'Card Number' on a non-legitimate domain is suspicious."], "brand_matches":[false], "url_match":false, "brand_input":"DHL", "input_fields":"Card Number"} |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.9825785239156137 |
Encrypted: | false |
SSDEEP: | |
MD5: | 9BBC6546532247BD0ED8ADCC8DA39909 |
SHA1: | 53CE9A0FFECCCF0B65A2E3920A1E75C6AA46E9EB |
SHA-256: | 16A93394A60FE3D6A1F2B1D7A82F792308E67760A662FD6616CFFF18A87FF979 |
SHA-512: | 6DBD1941EF8C531175AC854F1D41A565E72AB8F7DE3D3B05B353B8243AE88948D56F8B0D3A428C9A89F1BFB74E6CC135364957EA93C4D73B8898DFE1ADE1E157 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 4.000241590562707 |
Encrypted: | false |
SSDEEP: | |
MD5: | D342D7A9BA97D6121A96B2A816132F3A |
SHA1: | 46C7F629D4881D161AA2A021D24782788C302F6E |
SHA-256: | 5915D8278FADE10CA72E7C7061CDFB9B0959D134FF86B3BF1645CC8EAF9171DB |
SHA-512: | 2DA1E6801375BD29F0D55C204AD3F40A26A8657D5F704D19742D4F8F4CA904E1881908345025BDC68336E6750A92124775DEA29FE809C2D19CE335ECCA04E78F |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.005597317236649 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1900DD5A50ED1A736C7FFC56A095F187 |
SHA1: | 22D6C494E961FB9E40546C9B99694ABB3703DCA5 |
SHA-256: | BBEB53EC151DD60878DE28AD76161CFC8276A17C79379057D50E5B3BA5BD0C63 |
SHA-512: | A0306818AA440C73F02D2F476E713EA2F9EFD16329E11C9896E501B77FFBF5131B9113FCA53833714CEFAD6396B6137B03E5D01C066812D09C876FF03066FCF0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9970410262055536 |
Encrypted: | false |
SSDEEP: | |
MD5: | 607A375B134F7E0118859FB9495B848E |
SHA1: | A7EF3AE037674169AB2B3A402B37F6ACC3A1C7A1 |
SHA-256: | 7D2B48F5ADAFD625BE7C351446E2439DBF90C5B5BAC4294060AC2E21CA8005F0 |
SHA-512: | FC8C037AC5B2E22F730F7A7262E722FC740D1D28105897F39389990907FF73E75C080BBBED967302D19338E83F6D307F3C8680A234476F451AE0FDA9A72A4353 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.985185067154715 |
Encrypted: | false |
SSDEEP: | |
MD5: | 89C2B13739D4C8D67D052C8293928639 |
SHA1: | A0DCEEA6F453EB88209612833004729083ECFAC5 |
SHA-256: | B106FAB1F1F0C7E05C654C40840A6EEB674ED09303E210F93FA98A6AAE10CEAA |
SHA-512: | F056325A4F02BB5289FDF4134D1F3A96B02A76C73DEB5BA9C11FEFCC45A37FCD81C583F9834B3F00DEDAB3F976F6021FFDCE050B3740F4438F6D3C90E89B7729 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9953524164599274 |
Encrypted: | false |
SSDEEP: | |
MD5: | AA5A598C1F7B6C0F69933C9632232278 |
SHA1: | F839D76BFD66A2BDCAF06F0C23E21969B0BA6FE5 |
SHA-256: | 72F29225CAA97F483686579871225BE77A0C4A2D88EE3B3B5C565C78DEF0591C |
SHA-512: | E62A72F4A3CF31E2736233287DDE336C2ADD6E244761191D7F7863CFC7ED8D8E7F2239911F81A46706A685C56C6756DEC7A4BDA907F539C81018956D2BE39663 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 600 |
Entropy (8bit): | 7.391634169810707 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0F2A4639B8A4CB30C76E8333C00D30A6 |
SHA1: | 57E273A270BB864970D747C74B3F0A7C8E515B13 |
SHA-256: | 44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98 |
SHA-512: | 3EA72C7E8702D2E9D94B0FAA6FA095A33AB8BC6EC2891F8B3165CE29A9CCF2114FAEF424FA03FD4B9D06785326284C1BB2087CE05E249CCAC65418361BFA7C51 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.gstatic.com/recaptcha/api2/refresh_2x.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.75 |
Encrypted: | false |
SSDEEP: | |
MD5: | AFB69DF47958EB78B4E941270772BD6A |
SHA1: | D9FE9A625E906FF25C1F165E7872B1D9C731E78E |
SHA-256: | 874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878 |
SHA-512: | FD92B98859FFCCFD12AD57830887259F03C7396DA6569C0629B64604CD964E0DF15D695F1A770D2E7F8DF238140F0E6DA7E7D176B54E31C3BB75DDE9B9127C45 |
Malicious: | false |
Reputation: | unknown |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkCNOcHAY28mBIFDVNaR8U=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1434 |
Entropy (8bit): | 5.782287307315429 |
Encrypted: | false |
SSDEEP: | |
MD5: | E7F4945A3458503BDEE0AD9476537604 |
SHA1: | CD049E2F8F9D05ABC087BBEF7EFEDA01EFB0F3A6 |
SHA-256: | 8AB3BC08E25F6A7E24EF75EE66ED06360BCEEACE487D22822D7724B3F2BBED50 |
SHA-512: | BD30B50396E0015B723FFD185972E37094A5CFF4A42CB5AE5D439AE3B85F2735F33145B363E2657AC174D66ED2E3F97FC0C2BFC9FDEE6B06C61E5A01FD1CFF34 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.google.com/recaptcha/api.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 469 |
Entropy (8bit): | 7.288594655186755 |
Encrypted: | false |
SSDEEP: | |
MD5: | 16291265180A2DBCD246ADA0B44EA35A |
SHA1: | 63EB909A37D9730A40955BEBF35542CFC1A5EDE9 |
SHA-256: | B36E63B78F7AB077C9F74269DEEC4010AE803B687B27CA13E6AA58712520BB84 |
SHA-512: | 85F687F93406B168E61A7AF0A169ACC3D7BC44FBEB0D2E6EC1A8748901691EBE41DDC1D25E4BA40BCAC0EFA75583E7D7C5B13EE7B95A84C5AAF26EFB0CBF9469 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 15344 |
Entropy (8bit): | 7.984625225844861 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5D4AEB4E5F5EF754E307D7FFAEF688BD |
SHA1: | 06DB651CDF354C64A7383EA9C77024EF4FB4CEF8 |
SHA-256: | 3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC |
SHA-512: | 7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48 |
Malicious: | false |
Reputation: | unknown |
URL: | https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 665 |
Entropy (8bit): | 7.42832670119013 |
Encrypted: | false |
SSDEEP: | |
MD5: | 07BF314AAB04047B9E9A959EE6F63DA3 |
SHA1: | 17BEF6602672E2FD9956381E01356245144003E5 |
SHA-256: | 55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE |
SHA-512: | 2A1D4EBC7FBA6951881FD1DDA745480B504E14E3ADAC3B27EC5CF4045DE14FF030D45DDA99DC056285C7980446BA0FC37F489B7534BE46107B21BD43CEE87BA0 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.gstatic.com/recaptcha/api2/info_2x.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 85564 |
Entropy (8bit): | 5.229924398061931 |
Encrypted: | false |
SSDEEP: | |
MD5: | 21FD12D4C4CD7D39C23A36F224A66EB9 |
SHA1: | 5689730E4E82ACE438C8620CD5857DA5FF8FD7E9 |
SHA-256: | 81DAE82116236F818E682C0A16E637AC112F7E47540E0CD39C145253C11F27C1 |
SHA-512: | 9FC27CAA0EAE09A88DF7497F2C69B785326E7EE515579C6DD9CC5FD0A1222A82988D57B24569645A4E08D91BE2EF3F3739FF1FF0EDCBD8E529DEC67460E1FDD5 |
Malicious: | false |
Reputation: | unknown |
URL: | https://cdn.livechatinc.com/tracking.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 17648 |
Entropy (8bit): | 3.1179926070389947 |
Encrypted: | false |
SSDEEP: | |
MD5: | F748283F1BDEF35CBE2D225ECCBE3895 |
SHA1: | C03C1864CA13CC124D7FAF7D4BB11515FD40D814 |
SHA-256: | CAE9D5ADF2B0220C74A93B644C26D53E27C3A87F9B5D3FE57D06442E808074A2 |
SHA-512: | 093DD0969F8C46A318B3F92885A84CC763C9A03D7EF81074DF92E27084BD8BE18AF807CAC4FBA28BC32DDF8A5BDDA2CFFC6071F6D6CB2AB5CDB4F4D021F15A73 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 32144 |
Entropy (8bit): | 7.972124726978186 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3802183531A8C02171AAD890ACD2A766 |
SHA1: | D07097FB8C4587C03F8C4EFDA49212F4C3DFB07F |
SHA-256: | 9D1509EC7B2C0242A0DC7A8D96BDFE38297B0F2ADFE9435CCEAD5DA4A2E2BEDE |
SHA-512: | D790243B465A351F97305333882B9C4FBE2075ED59C20FFDFBBC7C0359DFC2A36476D2948C7CA96B9E1AAF47EC85C90811D351EDF2EC4CDF7A39D76B78A41DF5 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1016 |
Entropy (8bit): | 4.49400262382634 |
Encrypted: | false |
SSDEEP: | |
MD5: | FC4D11AE088EA7CCE9416CBB4A83BAB0 |
SHA1: | 4B8919F589AC9E848640CD1863CB4E018E1DDE1F |
SHA-256: | EF1C4B96FAA10240BFD3E9FFC991947A9D32237ECF61A1399B2C2C2FCF55C47B |
SHA-512: | 94F437F9B651E0AE529DE1230A7C35CC4767585988BF60EBD4E39A7D60FB916D5EE4C1797BEACD959FBC0DD8F27053F2B474BDC56CDD38096929ECE5BAEE9B85 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 58666 |
Entropy (8bit): | 5.400779200714718 |
Encrypted: | false |
SSDEEP: | |
MD5: | 30E93A747BA8285615CFBC3643DC1A62 |
SHA1: | 3A55F9D6AC708F519D351EA0B69083457778EC9D |
SHA-256: | 18C4B9B4C27233B541A47300A4EE98239E1F8DEC4BBCD9FABB6BDAD12CA82025 |
SHA-512: | 9487532066928C5592C665834B229B2F3D4E277735A38566E855D182E287D47CCE54245217C629837D3ECA06BB8F94D4321E127F9885BC2F7F35042BD4ABA642 |
Malicious: | false |
Reputation: | unknown |
URL: | https://dispatching-centre.lasamericascargo.com/js/card.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 127 |
Entropy (8bit): | 4.979513751267317 |
Encrypted: | false |
SSDEEP: | |
MD5: | D59B2080D315804504A8452FB872F3C5 |
SHA1: | 946D25788C32C6CEEB5D8D5AAF3ECDD3C4FF1A4B |
SHA-256: | 391E87738708E8C885A042E48BF2E13A755453CF5E2F3F56E472BF29B9C2596E |
SHA-512: | 1443AA34BD3C2FED8C79362FB6C65D9399B90F6ECB494D1654C660E8ADC017C4CC8703040C45AEFED85D21F0C80980039CB968B591316A5F72211661742D305F |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 125064 |
Entropy (8bit): | 7.994213368618236 |
Encrypted: | true |
SSDEEP: | |
MD5: | 57B380D27F14F16E737BCCA7E849CF79 |
SHA1: | 2E4280929D4D76FC0E31601C98F167F14630C209 |
SHA-256: | 94E1BBC1C2A41EBC73FA5253FD563256C0035B4D69181E48F9AEF9E474A11251 |
SHA-512: | 88DD2321CC4711333411A24DAB612DAA68CAF7CC31C892405BCBB9E89629CA15FCDD781BB26D7485F5819B5B48170EC8EAA2135701F4695CF94A1CB0C15BF649 |
Malicious: | false |
Reputation: | unknown |
URL: | https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 78318 |
Entropy (8bit): | 5.178659111862382 |
Encrypted: | false |
SSDEEP: | |
MD5: | BCBBAE1082B38962E877FD490C47173A |
SHA1: | 323A7B29AB4B755D6204208C534804EED6497231 |
SHA-256: | 182717D4E386CC3DA173CAD4562B61BD2CD9EF8BDCC19D7C7CA4C89254C1C340 |
SHA-512: | A6B6707096064C4F0DE5F3F3A50D5E2A56FA9C9B8CB3B10E51CDC5C8A49BFA0E0F5187F7F70BB36CB3C4730B2FE86581DC4417CD005131DF9A056C4BC201731B |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/CA/ALMA/log.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 682 |
Entropy (8bit): | 7.551216573501762 |
Encrypted: | false |
SSDEEP: | |
MD5: | F9F5C8CCD73ADC2DF4D9E3ACB9E24F85 |
SHA1: | AE26C7C6A83B6446179383C3B109FBAD8B92C034 |
SHA-256: | 381941FC8B5DF86879D6E2FCF3392D281B796C33F430F045405A0E6AF0E474B9 |
SHA-512: | B8433C2F8767F3D0CE611B5A278310FC554ECECBD6F8AC567D30471BD21FC1DDFB7DE2922C0C905926D12B2B955FA849F8B0CB32D538F205E54A2F4E8104933A |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 78840 |
Entropy (8bit): | 6.022413301778022 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0CA290F7801B0434CFE66A0F300A324C |
SHA1: | 0891B431E5F2671A211DDD8F03ACF1D07792F076 |
SHA-256: | 0C613DC5F9E10DFF735C7A102433381C97B89C4A26CE26C78D9FFAD1ADDDC528 |
SHA-512: | AF70C75F30B08D731042C45091681B55E398EA6E6D96189BC9935CE25584A57240C678FF44C0C0428F93BF1F6A504E0558BC63F233D66D1B9A5B477BA1EF1533 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/styles__ltr.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 551834 |
Entropy (8bit): | 5.646059185430787 |
Encrypted: | false |
SSDEEP: | |
MD5: | 33AFF52B82A1DF246136E75500D93220 |
SHA1: | 4675754451AF81F996EAB925923C31EF5115A9F4 |
SHA-256: | B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731 |
SHA-512: | 2E1BAAE95052737BDB3613A6165589643516A1F4811D19C2F037D426265AA5ADF3C70334C1106B1B0EEF779244389F0D7C8C52B4CD55FCE9BAB2E4FCB0642720 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 475 |
Entropy (8bit): | 7.334075153511776 |
Encrypted: | false |
SSDEEP: | |
MD5: | E00004714CE72691E26F9B61C9810780 |
SHA1: | 51385AF6CB9A9D372C3151E67D331DDC1B92B3C4 |
SHA-256: | B8B7E6C193F0B11BECE8C12B305CBF15130BC99B32AE92426EB747A3DA3264D6 |
SHA-512: | A2DFB57AB3C8458E0EED2A565C3355982F078DB347FE9AF4C67C13980E7E04DB243DE7D2681545DADDFEC375F9E5F0AE931BECC36EB40332135F87F8099407A0 |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/assets/clan.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2228 |
Entropy (8bit): | 7.82817506159911 |
Encrypted: | false |
SSDEEP: | |
MD5: | EF9941290C50CD3866E2BA6B793F010D |
SHA1: | 4736508C795667DCEA21F8D864233031223B7832 |
SHA-256: | 1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A |
SHA-512: | A0C69C70117C5713CAF8B12F3B6E8BBB9CDAF72768E5DB9DB5831A3C37541B87613C6B020DD2F9B8760064A8C7337F175E7234BFE776EEE5E3588DC5662419D9 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2238 |
Entropy (8bit): | 1.4858300861878153 |
Encrypted: | false |
SSDEEP: | |
MD5: | A6F1AF8E79A11829BA9A66474B06BB97 |
SHA1: | D99E3EC7747C865033A8DFAD43C9F49634404BC1 |
SHA-256: | B0DBD00F3650FA6B931E678A9D8F79A405D23C7ADF111AB91B1A01A0E7109807 |
SHA-512: | F229B3A71EC1568DBC9F422097CDE564EAA6EA530B370D47B82756B660C3342E4402C40600A22C988A5973039860AD2FAF83C6721D8D1725C5D61DB6044A6D69 |
Malicious: | false |
Reputation: | unknown |
URL: | https://dispatching-centre.lasamericascargo.com/images/favicon.gif |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 15340 |
Entropy (8bit): | 7.983406336508752 |
Encrypted: | false |
SSDEEP: | |
MD5: | 19B7A0ADFDD4F808B53AF7E2CE2AD4E5 |
SHA1: | 81D5D4C7B5035AD10CCE63CF7100295E0C51FDDA |
SHA-256: | C912A9CE0C3122D4B2B29AD26BFE06B0390D1A5BDAA5D6128692C0BEFD1DFBBD |
SHA-512: | 49DA16000687AC81FC4CA9E9112BDCA850BB9F32E0AF2FE751ABC57A8E9C3382451B50998CEB9DE56FC4196F1DC7EF46BBA47933FC47EB4538124870B7630036 |
Malicious: | false |
Reputation: | unknown |
URL: | https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 80 |
Entropy (8bit): | 4.827132546808606 |
Encrypted: | false |
SSDEEP: | |
MD5: | F0D2E38A21FCABB439D0D6B37DEF93C0 |
SHA1: | 1A99ADBD0420973769020D1B008B19326684510B |
SHA-256: | 26BC12F58A29277524339F1A3BE35C51A41078E9A423C59DB49351A889CDF772 |
SHA-512: | 032B76951F266E71E008CA48FCE029CBD0B8E9A7D9E816C01EBCB7A593FF4840A6CCD092C661E988821240611364C8B558FCBEC2BE553AB67CA150D29A5FF89D |
Malicious: | false |
Reputation: | unknown |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAnU2t0q37vVDBIFDXzgTfwSEAmUl0qLh_JRhxIFDYOPjWcSJQmn5nRSH4_9VRIFDaOKs4QSBQ3NRZMrEgUNCL5bpxIFDS3bGyA=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 12985 |
Entropy (8bit): | 7.828068740605507 |
Encrypted: | false |
SSDEEP: | |
MD5: | 520EFF7678B3394540C9A96F96CC5F0A |
SHA1: | 5FD6255611AE63E3EE63D448A490142068968937 |
SHA-256: | E28BCF171178BD4731B024D70B21FD5BF931895399B397C9DCB28284B22DCC50 |
SHA-512: | FD81E0855504AE6F2E84EB46B5060CD3CEF197BFF64115FBA69610556A6E7401BCB19AE298BDFFC318E9DA8294E6BA9243E30F442A5BD2E969F1A5B735B381F3 |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/assets/npay.jpg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 874356 |
Entropy (8bit): | 5.361488834882149 |
Encrypted: | false |
SSDEEP: | |
MD5: | F72950DA27494D79A660FA85BDCADA9B |
SHA1: | 65761985B59A41AA4763163DFAC1B3C0DD4F0F61 |
SHA-256: | 27022E814341E4D2E1CACF656B385A6F7F184C124E3122E990E7784096FF78B5 |
SHA-512: | 0D7B20E6D3C9E2E96BBAE40395B00F7876069E333E4520473E32589BA2870E275993BB27C596E5EF4BFB1DA887A186B66B7937C76E5E64AB57DAE6EC370412A3 |
Malicious: | false |
Reputation: | unknown |
URL: | https://cdn.lr-in.com/logger-1.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 315 |
Entropy (8bit): | 5.0572271090563765 |
Encrypted: | false |
SSDEEP: | |
MD5: | A34AC19F4AFAE63ADC5D2F7BC970C07F |
SHA1: | A82190FC530C265AA40A045C21770D967F4767B8 |
SHA-256: | D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3 |
SHA-512: | 42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765 |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 140 |
Entropy (8bit): | 4.826313929997279 |
Encrypted: | false |
SSDEEP: | |
MD5: | F0EFF7EE5D234E56CCA708A6C380528C |
SHA1: | 371C1FED2470DC5DC53E8A3C79D8810AA511A375 |
SHA-256: | 19468D9485A94BB9B18A671AD8BB910AA07C1DE869087295AB00ECECF4E506BD |
SHA-512: | 5C8DBB360A0CACECEA63577B6E93A76E34071F615BC38BCC1DB78FF15412A49467771185DB77B8A4F0E54C91C1CADDE25951A45773F89E11773D443BD412735D |
Malicious: | false |
Reputation: | unknown |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAnU2t0q37vVDBIFDXzgTfwSEAmUl0qLh_JRhxIFDYOPjWcSSAnn2ITUSAUg2hIFDe-_jXMSBQ0AoAvKEgUNg6hbPRIFDf2GJkASBQ1u1ykLEgUNRmcVfRIFDfKo5J0SBQ0F1X72EgUNU_J1YQ==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 83981 |
Entropy (8bit): | 4.7735566283508355 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3D5EF2BF867C4054A2F336CDBAD9E1DC |
SHA1: | 07228D1FA3245EE156A27A353F45758A3207849F |
SHA-256: | A361E7885C36BACB3FD9CB068DA207C3B9329962CAC022D06E28923939F575E8 |
SHA-512: | 168DEB96B663FE4EEE8D39C78380864760FB912B34BF82CB6A7C36AA4B18B91944CCEFAD71A10F428810D0A6A818DDBAFF3AE7DB42264750DFB8B5A73A8EDA04 |
Malicious: | false |
Reputation: | unknown |
URL: | https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 415045 |
Entropy (8bit): | 4.865472000389467 |
Encrypted: | false |
SSDEEP: | |
MD5: | B33E59C592EB453D12F6A53179D8EF19 |
SHA1: | 5D1863F728B58D4456E1B1D824D98FE56810E69E |
SHA-256: | A0B9419777F544B665051CAE80F11BF8FF9F925072A9F062A3D82C383E6CDFDE |
SHA-512: | 9AA37B0D4A45E03E532311D89CBE2D527FA31C31F8C2E88A3B162BF8E567120A878158FD24C94B3C9AFE6A2F22497055295D101C04AA8362C3B44B17E58CB596 |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/assets/app.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 102 |
Entropy (8bit): | 4.921030304008144 |
Encrypted: | false |
SSDEEP: | |
MD5: | 59EE3965FCB16F88E9BDC20B9CD8612E |
SHA1: | 3D93A27E4DAC9DDA01DC5BBCCA9E1F53E827DAF2 |
SHA-256: | 020A92F2FB27981D1398F916AE17400F8F11473962EBD858B7BF6901814EDD7B |
SHA-512: | 3E4C07D9CE3DEDE2998A59C32A3FE12D781AAE33C4AFE8D2B9B0D12C18EB96257373098497B5F3C909EC1EDE64FEB4B4074DBDB9678B4D6B019CD64360222849 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 380 |
Entropy (8bit): | 7.010478036190101 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5C71F27C78F2FA4C03011A7C22B82496 |
SHA1: | 686900B9EAD294FF018699E3FA65C023E5B41DE0 |
SHA-256: | EB6CA62C1E5D64C52BE3FFA63C298DCDA2483C04C4B17D1BFE605D134E52F91B |
SHA-512: | CEB51685733CFE4F2D353A314E032A8FC7BDFB2AFA4B0F4991702DEB9264D4ACE7C949EE248963FF64E0FCD9C2337E141080C36875BF19B8E0F52721DE7FC371 |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/assets/pak.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 530 |
Entropy (8bit): | 7.2576396280117494 |
Encrypted: | false |
SSDEEP: | |
MD5: | 88E0F42C9FA4F94AA8BCD54D1685C180 |
SHA1: | 5AD9D47A49B82718BAA3BE88550A0B3350270C42 |
SHA-256: | 89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992 |
SHA-512: | FAFF842E9FF4CC838EC3C724E95EEE6D36B2F8C768DC23E48669E28FC5C19AA24B1B34CF1DBCBE877B3537D6A325B4C35AF440C2B6D58F6A77A04A208D9296F8 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17585 |
Entropy (8bit): | 7.887872148050432 |
Encrypted: | false |
SSDEEP: | |
MD5: | F3FFB13CF88B13EC557E6149371B361D |
SHA1: | 3C72F0855B4BD6E3B45675A5E8B08C8FB7A98F49 |
SHA-256: | CE6A239FDE88D8FB01C7A10D6F7B27D1BC23F5462D02F5EBB4927479FA32A302 |
SHA-512: | 0A550E6436209D0E19611BB52C4530F578A056504D370D5ED48D95FE058200902D5A37FC7154FB3BB5CAA7013FDC4093421FD6D8D4A8125F31F4B2CA888564BF |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/assets/loading.gif |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1998 |
Entropy (8bit): | 7.900986621763582 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5D14AB93691604E826E1319D53599EB9 |
SHA1: | 78724360E9D25DA584445B851E37BCA05ABE6B85 |
SHA-256: | 3F0C62B5CCDCDBF3B3AE3885F1E6959E2D937EBA9B29DEA9A6BDB98788041756 |
SHA-512: | DC91304849C5D9B54124CE5A0FA47C9D0BFFB35090479FAFB4DCD7CFF9B75D0467A3AA3D7837D1E1EF418F3F961DC9D31D65387C701646FEBB792F1AB2EDEDAA |
Malicious: | false |
Reputation: | unknown |
URL: | https://hnt.zkg.mybluehost.me/CA/ALMA/TM86/assets/logo.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71949 |
Entropy (8bit): | 4.4179085591070795 |
Encrypted: | false |
SSDEEP: | |
MD5: | 4F963B0960B787ED07AA934CA27F8A17 |
SHA1: | 448661C5BBEDCD8E91F613F783056341924A2075 |
SHA-256: | E3C09E3AE0138A6AEBEAAFE2BF96DD724EC7D6DC358A69344DAFA2697ADD3B81 |
SHA-512: | 54DCF38BF562659A547BE86C2B9A6DC34899A99605F615059924F95F0F47101587E5A540756E4C2323772D9A737168BF170E60FE7DB06917F5562FF1B32E855D |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 15552 |
Entropy (8bit): | 7.983966851275127 |
Encrypted: | false |
SSDEEP: | |
MD5: | 285467176F7FE6BB6A9C6873B3DAD2CC |
SHA1: | EA04E4FF5142DDD69307C183DEF721A160E0A64E |
SHA-256: | 5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7 |
SHA-512: | 5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1 |
Malicious: | false |
Reputation: | unknown |
URL: | https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 18673 |
Entropy (8bit): | 5.593695094312822 |
Encrypted: | false |
SSDEEP: | |
MD5: | 61721B9FC4880C88E14E0251D0FFC033 |
SHA1: | 27A8A3835B9F801E3D9302631D0DB87D7C5CD4E6 |
SHA-256: | 4B36D33EB3E3D1164C877B0A91EEC39B6475100390683D65AC524A0219C9D2D1 |
SHA-512: | F7C3A9572E54ADC10991450521E16F89127965466E4500239E5A2B72646D212B2B8524E4BF0A761901F1A0232B1119C8ACE823AEEDD495A64A3ED812851E95E1 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 89338 |
Entropy (8bit): | 4.33317544061384 |
Encrypted: | false |
SSDEEP: | |
MD5: | BE78A3E1D45F0451D605431C05961C22 |
SHA1: | 13F65075B0AD9774F95406A2529423A631032A31 |
SHA-256: | 691FF3918FB72CDDC3ABF2B84AF0D66E0D2875B18B032EF6864923789C7E4077 |
SHA-512: | 45EF5C59CF21927EDA5AC3C71E55FE16EB26232ACD78A432D7B8A6B2AF4AC483DAB83C755C69C18499FBF88B568BB7F04F7E62FBCD690C9190B68945C2751766 |
Malicious: | false |
Reputation: | unknown |
URL: | https://dispatching-centre.lasamericascargo.com/js/intlTelInput.js |
Preview: |