IOC Report
http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczBaoMwHIDx_0PsutOgx6RqN-lAmNGaouig1m7JZYQY0JFqiFnFZ9vLlL3D7ltP3-XHd0fh-g3w-wNg9eKFLZrsBZ1Fr-U4ODtqJMczbLbFE4m3vh8-ev4aJtEJi4wY-k-lXxYxdb39d6jX0DlnpmeM53lGvdTjV3sbYCm0GlphsbqoweEHF_kf-5gdy5Kf6C5I65KzW2mVH2hQ-Lu6puQ1rbKsOu6TOts0hJ7eGQk55wfWxGmdJG8FKbIyyBuWs2RlIuN565VVRi-RkFIZBwD3V4A_lcRInA&Z

(A URL-rewriting "urlwrap" link on hybrid-web.global.blackspider.com. The DOM / HTML section records the browser moving from this wrapper, via a second urlwrap URL with action=scan, to an iCloud calendar event page and then https://www.icloud.com/.)


Files

File Path | Type | Category   (Malicious column: empty for every row)
Chrome Cache Entry: 100 | ASCII text, with very long lines (65026) | downloaded
Chrome Cache Entry: 101 | ASCII text | dropped
Chrome Cache Entry: 102 | PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 103 | Unicode text, UTF-8 text, with very long lines (47124), with NEL line terminators | dropped
Chrome Cache Entry: 104 | ASCII text, with very long lines (65026) | dropped
Chrome Cache Entry: 105 | HTML document, ASCII text, with very long lines (2715) | downloaded
Chrome Cache Entry: 106 | Web Open Font Format (Version 2), TrueType, length 215624, version 1.0 | downloaded
Chrome Cache Entry: 107 | ASCII text, with no line terminators | downloaded
Chrome Cache Entry: 108 | PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 109 | SVG Scalable Vector Graphics image | downloaded
Chrome Cache Entry: 110 | Web Open Font Format (Version 2), TrueType, length 234260, version 1.0 | downloaded
Chrome Cache Entry: 111 | data | downloaded
Chrome Cache Entry: 112 | Web Open Font Format (Version 2), TrueType, length 215624, version 1.0 | downloaded
Chrome Cache Entry: 113 | Unicode text, UTF-8 text, with very long lines (46673) | downloaded
Chrome Cache Entry: 114 | ASCII text, with very long lines (65021) | dropped
Chrome Cache Entry: 115 | ASCII text, with very long lines (60050) | downloaded
Chrome Cache Entry: 116 | Unicode text, UTF-8 text, with CRLF, LF line terminators | downloaded
Chrome Cache Entry: 117 | JSON data | dropped
Chrome Cache Entry: 118 | Unicode text, UTF-8 text, with very long lines (65366), with no line terminators | downloaded
Chrome Cache Entry: 119 | ASCII text, with very long lines (44491), with no line terminators | dropped
Chrome Cache Entry: 120 | PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 121 | JSON data | downloaded
Chrome Cache Entry: 122 | PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 123 | ASCII text, with very long lines (65026) | downloaded
Chrome Cache Entry: 124 | ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 125 | ASCII text, with very long lines (44491), with no line terminators | downloaded
Chrome Cache Entry: 126 | PNG image data, 486 x 205, 8-bit/color RGBA, interlaced | downloaded
Chrome Cache Entry: 127 | ASCII text | downloaded
Chrome Cache Entry: 128 | ASCII text, with very long lines (65026) | downloaded
Chrome Cache Entry: 129 | ASCII text | dropped
Chrome Cache Entry: 130 | ASCII text, with very long lines (12505) | downloaded
Chrome Cache Entry: 131 | PNG image data, 430 x 388, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 132 | Web Open Font Format (Version 2), TrueType, length 7708, version 1.0 | downloaded
Chrome Cache Entry: 133 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded
Chrome Cache Entry: 134 | ASCII text, with CRLF line terminators | dropped
Chrome Cache Entry: 135 | data | dropped
Chrome Cache Entry: 136 | PNG image data, 1324 x 950, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 137 | ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 138 | ASCII text, with very long lines (61121) | dropped
Chrome Cache Entry: 139 | data | downloaded
Chrome Cache Entry: 140 | PNG image data, 145 x 35, 8-bit/color RGBA, interlaced | downloaded
Chrome Cache Entry: 141 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded
Chrome Cache Entry: 142 | ASCII text, with very long lines (65453) | downloaded
Chrome Cache Entry: 143 | gzip compressed data, from Unix, original size modulo 2^32 98995 | downloaded
Chrome Cache Entry: 144 | Unicode text, UTF-8 text, with very long lines (47124), with NEL line terminators | downloaded
Chrome Cache Entry: 145 | ASCII text, with very long lines (60050) | dropped
Chrome Cache Entry: 146 | HTML document, ASCII text | downloaded
Chrome Cache Entry: 147 | Unicode text, UTF-8 text, with CRLF, LF line terminators | downloaded
Chrome Cache Entry: 148 | Unicode text, UTF-8 text, with very long lines (46673) | dropped
Chrome Cache Entry: 149 | ASCII text, with very long lines (65026) | dropped
Chrome Cache Entry: 150 | ASCII text, with very long lines (65453) | dropped
Chrome Cache Entry: 151 | ASCII text, with very long lines (65026) | downloaded
Chrome Cache Entry: 152 | ASCII text, with no line terminators | downloaded
Chrome Cache Entry: 153 | SVG Scalable Vector Graphics image | downloaded
Chrome Cache Entry: 154 | ASCII text | downloaded
Chrome Cache Entry: 155 | JSON data | downloaded
Chrome Cache Entry: 156 | HTML document, ASCII text, with very long lines (452), with CRLF, LF line terminators | downloaded
Chrome Cache Entry: 157 | PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 158 | ASCII text, with very long lines (65021) | downloaded
Chrome Cache Entry: 159 | data | downloaded
Chrome Cache Entry: 160 | gzip compressed data, from Unix, original size modulo 2^32 23928 | downloaded
Chrome Cache Entry: 161 | ASCII text, with very long lines (61121) | downloaded
Chrome Cache Entry: 162 | PNG image data, 1324 x 950, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 163 | SVG Scalable Vector Graphics image | dropped
Chrome Cache Entry: 164 | data | downloaded
Chrome Cache Entry: 165 | Web Open Font Format (Version 2), TrueType, length 231048, version 1.0 | downloaded
Chrome Cache Entry: 166 | ASCII text, with very long lines (12505) | dropped
Chrome Cache Entry: 167 | PNG image data, 486 x 205, 8-bit/color RGBA, interlaced | dropped
Chrome Cache Entry: 168 | PNG image data, 430 x 388, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 169 | Web Open Font Format (Version 2), TrueType, length 220536, version 1.0 | downloaded
Chrome Cache Entry: 170 | SVG Scalable Vector Graphics image | dropped
Chrome Cache Entry: 171 | Windows Precompiled iNF, version 1.0, flags 0x89c70200, at 0x524448,, LanguageID c41e, at 0x88758a8b, at 0x5c120a8 | dropped
Chrome Cache Entry: 172 | ASCII text, with very long lines (65026) | downloaded
Chrome Cache Entry: 173 | Windows Precompiled iNF, version 1.0, flags 0x89c70200, at 0x524448,, LanguageID c41e, at 0x88758a8b, at 0x5c120a8 | downloaded
Chrome Cache Entry: 174 | HTML document, ASCII text, with very long lines (4646) | downloaded
Chrome Cache Entry: 175 | TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh, Copyright (c) 2018, Gurpreet Kaur Balgir1shared-iconsiconsFontForge 2.0 : shared-icons : 23-7-20 | downloaded
Chrome Cache Entry: 176 | ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 177 | ASCII text, with very long lines (65026) | dropped
Chrome Cache Entry: 178 | gzip compressed data, from Unix, original size modulo 2^32 14308 | downloaded
Chrome Cache Entry: 179 | HTML document, ASCII text, with very long lines (451), with CRLF, LF line terminators | downloaded
Chrome Cache Entry: 180 | PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 181 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | dropped
Chrome Cache Entry: 97 | Unicode text, UTF-8 text, with very long lines (64945), with no line terminators | downloaded
Chrome Cache Entry: 98 | Web Open Font Format (Version 2), TrueType, length 220536, version 1.0 | downloaded
Chrome Cache Entry: 99 | PNG image data, 145 x 35, 8-bit/color RGBA, interlaced | dropped
76 further files are not shown.

Note: the Type column is the file(1)/libmagic description of each cache blob, not a verified format, and entries are listed in string order (97-99 after 181). The two "Windows Precompiled iNF" entries (171, 173), with their impossible offsets and doubled comma, are a weak magic match on cache data and should not be read as a .pnf file having been delivered.

Processes

Path | Cmdline   (Malicious column: empty for every row)
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2200,i,14995416763360869801,3715102301362132616,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczBaoMwHIDx_0PsutOgx6RqN-lAmNGaouig1m7JZYQY0JFqiFnFZ9vLlL3D7ltP3-XHd0fh-g3w-wNg9eKFLZrsBZ1Fr-U4ODtqJMczbLbFE4m3vh8-ev4aJtEJi4wY-k-lXxYxdb39d6jX0DlnpmeM53lGvdTjV3sbYCm0GlphsbqoweEHF_kf-5gdy5Kf6C5I65KzW2mVH2hQ-Lu6puQ1rbKsOu6TOts0hJ7eGQk55wfWxGmdJG8FKbIyyBuWs2RlIuN565VVRi-RkFIZBwD3V4A_lcRInA&Z"

Note: all three processes are the sandbox's own Chrome launch, its network-service child and the open of the submitted URL. The --service-sandbox-type=none flag on the second line is how Chrome itself starts the network.mojom.NetworkService utility process and is not something the visited page can set.

URLs

Name | IP   (-: empty cell; Malicious column: empty for every row)
http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczBaoMwHIDx_0PsutOgx6RqN-lAmNGaouig1m7JZYQY0JFqiFnFZ9vLlL3D7ltP3-XHd0fh-g3w-wNg9eKFLZrsBZ1Fr-U4ODtqJMczbLbFE4m3vh8-ev4aJtEJi4wY-k-lXxYxdb39d6jX0DlnpmeM53lGvdTjV3sbYCm0GlphsbqoweEHF_kf-5gdy5Kf6C5I65KzW2mVH2hQ-Lu6puQ1rbKsOu6TOts0hJ7eGQk55wfWxGmdJG8FKbIyyBuWs2RlIuN565VVRi-RkFIZBwD3V4A_lcRInA&Z | -
http://www.mailcontrol.com/http-resources/notification-pages/icons60/warning.png | 85.115.52.220
http://www.apache.org/licenses/LICENSE-2.0 | unknown
http://www.mailcontrol.com | unknown
http://baris.aydinoglu.info | unknown
http://www.mailcontrol.com/http-resources/notification-pages/notification-ie6.css | unknown
http://www.mailcontrol.com/http-resources/iepngfix/blank.gif | unknown
http://www.mailcontrol.com/http-resources/notification-pages/jquery-1.4.2.min.js | unknown
https://github.com/zloirock/core-js | unknown
https://p110-calendarws.icloud.com/ca/invitereply/2_HAYTMMZVGE3DSMZYGE3DGNJRG3K2ESSGBODNFFNTHCSF4UBGVXYB7ZZZRYUADSCCWKBKFM3JUYJYC?usertz=America%2FNew_York&lang=en-us&clientBuildNumber=2426Hotfix45&clientMasteringNumber=2426Hotfix45&clientId=a49b5d01-7c84-4678-9f96-7463c1e7f4db | 17.248.209.73
http://www.mailcontrol.com/http-resources/ie6_joined_classes.js | unknown
http://barisaydinoglu.github.com/Detectizr/ | unknown
http://www.mailcontrol.com/http-resources/iepngfix/jquery.iepngfix.js | unknown
https://github.com/zloirock/core-js/blob/v3.36.0/LICENSE | unknown
http://www.mailcontrol.com/http-resources/notification-pages/notification-ie.css | unknown
http://www.mailcontrol.com/http-resources/head.js | unknown
http://www.mailcontrol.com/http-resources/notification-pages/notification.css | 85.115.52.220
http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczLaoNAGEDh_yG67aqQ5RjvKAj1EidotRBj0nFThlHQ | unknown
http://www.mailcontrol.com/http-resources/bootstrap/css/bootstrap.css | 85.115.52.220
https://setup.icloud.com/setup/ws/1/validate?clientBuildNumber=2426Hotfix45&clientMasteringNumber=2426Hotfix45&clientId=a49b5d01-7c84-4678-9f96-7463c1e7f4db | 17.248.209.70
http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczBaoMwHIDx_0PsutOgx6RqN-lAmNGaouig1m7JZYQY0JFqiFnFZ9vLlL3D7ltP3-XHd0fh-g3w-wNg9eKFLZrsBZ1Fr-U4ODtqJMczbLbFE4m3vh8-ev4aJtEJi4wY-k-lXxYxdb39d6jX0DlnpmeM53lGvdTjV3sbYCm0GlphsbqoweEHF_kf-5gdy5Kf6C5I65KzW2mVH2hQ-Lu6puQ1rbKsOu6TOts0hJ7eGQk55wfWxGmdJG8FKbIyyBuWs2RlIuN565VVRi-RkFIZBwD3V4A_lcRInA&Z | -
http://canjs.com/ | unknown
https://jquery.org/license | unknown
http://www.mailcontrol.com/http-resources/notification-pages/2020/notification_page_logo_145x35.png | 85.115.52.220
http://hybrid-web.global.blackspider.com/favicon.ico | 85.115.56.150
https://feross.org/opensource | unknown
https://jquery.com/ | unknown
http://www.mailcontrol.com/http-resources/bootstrap/css/ie.css | unknown
https://feedbackws.icloud.com/reportStats | 17.248.209.68
http://www.videolan.org/x264.html | unknown
http://www.mailcontrol.com/http-resources/notification-pages/respond.src.js | unknown
https://p110-calendarws.icloud.com/ca/inviterequest/2_HAYTMMZVGE3DSMZYGE3DGNJRG3K2ESSGBODNFFNTHCSF4UBGVXYB7ZZZRYUADSCCWKBKFM3JUYJYC?usertz=America%2FNew_York&lang=en-us&clientBuildNumber=2426Hotfix45&clientMasteringNumber=2426Hotfix45&clientId=a49b5d01-7c84-4678-9f96-7463c1e7f4db | 17.248.209.73
http://www.mailcontrol.com/http-resources/bootstrap/css/bootstrap-responsive.css | 85.115.52.220
http://www.mailcontrol.com/http-resources/notification-pages/icons60/success.png | 85.115.52.220
http://feross.org | unknown
http://www.mailcontrol.com/http-resources/notification-pages/empty.js | 85.115.52.220
http://www.mailcontrol.com/http-resources/bootstrap/css/bootstrap-ie6.min.css | unknown
26 further URLs are not shown.

Note: rows with IP unknown are URLs found as strings inside downloaded content rather than connections the sandbox observed: the license and project links bundled in jQuery, core-js, Detectizr, the feross.org and canjs.com libraries, the x264 encoder link carried in the MP4, and the IE-only includes (ie6/iepngfix/respond/head.js) of the notification page. Only the mailcontrol.com resources that were actually fetched carry the address 85.115.52.220.

Domains

Name | IP   (Malicious column: empty for every row)
hybrid-web.global.blackspider.com | 85.115.56.150
calendarws.fe2.apple-dns.net | 17.248.209.73
setup.fe2.apple-dns.net | 17.248.209.70
s-part-0017.t-0009.fb-t-msedge.net | 13.107.253.45
www.google.com | 216.58.206.68
gateway.fe2.apple-dns.net | 17.248.209.69
ckdatabasews.fe2.apple-dns.net | 17.248.209.70
cvws.apple-dns.net | 17.248.209.42
feedbackws.fe2.apple-dns.net | 17.248.209.68
cluster-aa.mailcontrol.com | 85.115.52.220
fp2e7a.wpc.phicdn.net | 192.229.221.95
s-part-0032.t-0009.t-msedge.net | 13.107.246.60
setup.icloud.com | unknown
feedbackws.icloud.com | unknown
www.mailcontrol.com | unknown
cvws.icloud-content.com | unknown
ckdatabasews.icloud.com | unknown
p110-calendarws.icloud.com | unknown
8 further domains are not shown.

Note: the icloud.com / icloud-content.com hosts and www.mailcontrol.com show unknown because the address was recorded against the CNAME target that actually resolved (the matching *.fe2.apple-dns.net and cvws.apple-dns.net names, and cluster-aa.mailcontrol.com). The URLs table bears this out: requests to www.mailcontrol.com and feedbackws.icloud.com are listed against 85.115.52.220 and 17.248.209.68, the addresses shown here for cluster-aa.mailcontrol.com and feedbackws.fe2.apple-dns.net. The msedge.net, google.com and phicdn.net names are Microsoft and Google background traffic from the analysis VM, not part of the analysed page.

IPs

IP | Domain | Country   (Malicious column: empty for every row)
85.115.56.150 | hybrid-web.global.blackspider.com | United Kingdom
17.248.209.73 | calendarws.fe2.apple-dns.net | United States
17.248.209.70 | setup.fe2.apple-dns.net | United States
192.168.2.4 | unknown | unknown
216.58.206.68 | www.google.com | United States
17.248.209.69 | gateway.fe2.apple-dns.net | United States
17.248.209.68 | feedbackws.fe2.apple-dns.net | United States
239.255.255.250 | unknown | Reserved
17.248.209.42 | cvws.apple-dns.net | United States
85.115.52.220 | cluster-aa.mailcontrol.com | United Kingdom

Note: 192.168.2.4 is an RFC 1918 private address (the analysis VM's own network) and 239.255.255.250 is the SSDP multicast address; neither is an external indicator and both belong out of any IOC list built from this table.
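Recovering the addresses behind the Domains rows marked unknown is a join across the URLs and IPs tables, and pruning the private and multicast rows from the IPs table is a second pass over the same data. The following is an added example (not part of the report or of the sandbox's own tooling) that does both over the one-cell-per-line form in which these tables copy out, where an empty cell simply produces no line, so rows are not a fixed number of lines; the SAMPLE_REPORT is a constructed excerpt of the tables above and the function names are mine.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed excerpt of the report's URLs / Domains / IPs tables as these pages
# copy out: one cell per line, and no line at all for an empty cell.
SAMPLE_REPORT = """\
URLs
Name
IP
Malicious
http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczLaoNAGEDh_yG67aqQ5RjvKAj1EidotRBj0nFThlHQ
http://www.mailcontrol.com/http-resources/notification-pages/icons60/warning.png
85.115.52.220
https://feedbackws.icloud.com/reportStats
17.248.209.68
There are 26 hidden URLs, click here to show them.
Domains
Name
IP
Malicious
feedbackws.icloud.com
unknown
www.mailcontrol.com
unknown
IPs
IP
Domain
Country
Malicious
17.248.209.68
feedbackws.fe2.apple-dns.net
United States
239.255.255.250
unknown
Reserved
85.115.52.220
cluster-aa.mailcontrol.com
United Kingdom
"""

IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
HEADER_CELLS = {"URLs": 3, "Domains": 3, "IPs": 4}  # column-header cells under each table name

def split_sections(text):
    """Map each table name to its row cells, dropping the column-header cells."""
    sections, current, skip = {}, None, 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("There are "):  # blank / expand-widget text
            continue
        if line in HEADER_CELLS:
            current, skip = line, HEADER_CELLS[line]
            sections[current] = []
        elif skip:
            skip -= 1
        elif current is not None:
            sections[current].append(line)
    return sections

def parse_pairs(cells, is_key):
    """Rows of one key cell plus at most one IP cell. When the IP cell is absent
    the next cell is already a key, so rows cannot be read in fixed pairs."""
    rows = []
    for c in cells:
        if is_key(c):
            rows.append((c, None))
        elif rows:
            rows[-1] = (rows[-1][0], None if c == "unknown" else c)
    return rows

def parse_urls(cells):
    return parse_pairs(cells, lambda c: c.startswith(("http://", "https://")))

def parse_domains(cells):
    return parse_pairs(cells, lambda c: not (c == "unknown" or IPV4_RE.match(c)))

def parse_ips(cells):
    """Rows of IP, the name the resolver returned for it (or unknown), country."""
    rows, slot = [], 3
    for c in cells:
        if IPV4_RE.match(c):
            rows.append([c, None, None])
            slot = 1
        elif slot < 3:
            rows[-1][slot] = None if c == "unknown" else c
            slot += 1
    return [tuple(r) for r in rows]

def resolve_unknown_domains(sections):
    """For Domains rows marked unknown, recover the IP the URLs table recorded for
    that hostname and the name the IPs table gives the address (the CNAME target)."""
    host_ips = {}
    for url, ip in parse_urls(sections.get("URLs", [])):
        host = urlsplit(url).hostname
        if ip and host:
            host_ips.setdefault(host, set()).add(ip)
    ip_name = {ip: name for ip, name, _ in parse_ips(sections.get("IPs", []))}
    return {name: sorted((ip, ip_name.get(ip)) for ip in host_ips.get(name, ()))
            for name, ip in parse_domains(sections.get("Domains", [])) if ip is None}

def external_ips(sections):
    """Indicator-worthy addresses only: drops private, multicast, loopback, link-local
    and reserved ranges (SSDP's 239.255.255.250 here; the VM's 192.168.2.4 in the full table)."""
    keep = lambda a: not (a.is_private or a.is_multicast or a.is_loopback
                          or a.is_link_local or a.is_reserved)
    return sorted(ip for ip, _, _ in parse_ips(sections.get("IPs", []))
                  if keep(ipaddress.ip_address(ip)))
```

Run against the full tables, `resolve_unknown_domains(split_sections(text))` maps each of the six unknown icloud.com / mailcontrol.com hosts to the address and CNAME target the sandbox actually recorded, and `external_ips` is the list that should go into a blocklist or hunt query; the row-start heuristics (a URL scheme, a non-IP cell, an IP cell) are what make the variable-length rows parse correctly.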

DOM / HTML

URL   (Malicious column: empty for every row)
http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczBaoMwHIDx_0PsutOgx6RqN-lAmNGaouig1m7JZYQY0JFqiFnFZ9vLlL3D7ltP3-XHd0fh-g3w-wNg9eKFLZrsBZ1Fr-U4ODtqJMczbLbFE4m3vh8-ev4aJtEJi4wY-k-lXxYxdb39d6jX0DlnpmeM53lGvdTjV3sbYCm0GlphsbqoweEHF_kf-5gdy5Kf6C5I65KzW2mVH2hQ-Lu6puQ1rbKsOu6TOts0hJ7eGQk55wfWxGmdJG8FKbIyyBuWs2RlIuN565VVRi-RkFIZBwD3V4A_lcRInA&Z
http://hybrid-web.global.blackspider.com/urlwrap/?q=AXicFczLaoNAGEDh_yG67aqQ5RjvKAj1EidotRBj0nFThlHQZKIyTiPm1foyoe_QfZvV2XycJwz3b4DfHwDBF9Wu0SSu6EI7zoZeioEjNlzAcFIr8B1Ns01VW8NEWyrQSPvu1PDXhU5tJ_4d6ji0Uo6TqyjzPKOO8eGrfgwURnnT11QozbXppfIiPe1z65N9llUHvNGjIqvIozhPdlhPtU1R4OA9yuM432_DIjbKAB8-SGBXVbUjpR8VYXhMgzTO9KQkCQlXozeq6nolmpEvHmWsGSWc3-TteHKNs3BVx3JM0wJ4vgP8AfmDTgA&action=scan
https://www.icloud.com/calendar/event/#t=2_HAYTMMZVGE3DSMZYGE3DGNJRG3K2ESSGBODNFFNTHCSF4UBGVXYB7ZZZRYUADSCCWKBKFM3JUYJYC&p=p110
https://www.icloud.com/calendar/event/#t=2_HAYTMMZVGE3DSMZYGE3DGNJRG3K2ESSGBODNFFNTHCSF4UBGVXYB7ZZZRYUADSCCWKBKFM3JUYJYC&p=p110
https://www.icloud.com/calendar/event/#t=2_HAYTMMZVGE3DSMZYGE3DGNJRG3K2ESSGBODNFFNTHCSF4UBGVXYB7ZZZRYUADSCCWKBKFM3JUYJYC&p=p110
https://www.icloud.com/calendar/event/#t=2_HAYTMMZVGE3DSMZYGE3DGNJRG3K2ESSGBODNFFNTHCSF4UBGVXYB7ZZZRYUADSCCWKBKFM3JUYJYC&p=p110
https://www.icloud.com/calendar/event/#t=2_HAYTMMZVGE3DSMZYGE3DGNJRG3K2ESSGBODNFFNTHCSF4UBGVXYB7ZZZRYUADSCCWKBKFM3JUYJYC&p=p110
https://www.icloud.com/
https://www.icloud.com/
https://www.icloud.com/