Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: 2700042e6ae73ade8bb3fb60570e381e --

Hashes
MD5: 2700042e6ae73ade8bb3fb60570e381e
SHA1: 02d30119595caca44a8d4ac822f31672f75269a3
SHA256: add17e834c23ae0bbfd7b05b56d6f22501186a1827c5bf2d5671254351fbb13b
SSDEEP: 12:4X04BHaRMcpfJsh6vLjcD0FrxmqJmr5t7fJsh6vLjcD0Fr5JA7Fz4AEdeRmral0g:004EM2fJsidf4t7fJsidLARNEIvlCg
Details
File Type: HTML
Yara Hits
Source
http://www.xn--888-pkl1gae7eta2fa0dbb7y5b4d.ga/AUbrG-nFCq_uhJTpVa-srk/WO51/invoicing/En/Paid-Invoices/
Strings
		<html> 
  <head>
    <title>xn--888-pkl1gae7eta2fa0dbb7y5b4d.ga</title>
    <meta http-equiv="refresh" content="1; URL=http://domain.dot.tk/p/?d=XN--888-PKL1GAE7ETA2FA0DBB7Y5B4D.GA&i=173.254.233.139&c=1&ro=0&ref=unknown&_=1549947915812"/>
    <script type="text/javascript">
    <!--
      function redir(){ var $fwd = 'http://domain.dot.tk/p/?d=XN--888-PKL1GAE7ETA2FA0DBB7Y5B4D.GA&i=173.254.233.139&c=1&ro=0&ref=unknown&_=1549947915812'; if(window.parent){ window.parent.location=$fwd; }else{ window.location=$fwd; }}
    //-->
    </script>
  </head>
  <body onload="redir()">
    <script language="text/javascript">
    <!--
      window.setTimeout('redir();', 50 * 1);
    //-->
    </script>
  </body>
</html>