Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: 226bdb11b7364ed2770a2ef4fef4d2af --

Hashes
MD5: 226bdb11b7364ed2770a2ef4fef4d2af
SHA1: 7e8cf77d355db3ef18b8f41ad5aaf260530c4a9c
SHA256: da75b15594ef79ddcc4b0f13f4ca0d33d6578feb39e10a414014a3a21f0e2b9c
SSDEEP: 24:k3iymIsYv5WuVL4ntNvyF8WFgGQFxR9gI:mx5WuF8tpya2gJH
Details
File Type: HTML
Yara Hits
Source
http://www.dsnap.co.kr/WIRE-FORM/XVO-694325122162/
Strings
		<html><body><script type="text/javascript" src="/cupid.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("7b45337cab9ef29fd4e6da5aa06d5368"),b=toNumbers("bf6923380e7911c0d1a1f2968d7a8794"),c=toNumbers("d62cfb21d73d28d6a1e68b9e4819de1c");var now=new Date(),time=now.getTime();time+=3600*1000*24;now.setTime(time);document.cookie="CUPID="+toHex(slowAES.decrypt(c,2,a,b))+"; expires="+now.toUTCString()+"; path=/";location.href="http://www.dsnap.co.kr/WIRE-FORM/XVO-694325122162/?ckattempt=1";</script></body></html>