MalShare

Sample details: bb6fcb696b8a628e158a56d8040737d0 --

Hashes
MD5: bb6fcb696b8a628e158a56d8040737d0
SHA1: f38f26606c987796a635acd063f483e548340ee1
SHA256: 9b08e07762ec1a0b43f2a823d77d394670903a18f42e650904f3bdb3ad21ba40
SSDEEP: 12:41UJMcpfJUAisjcD0FrymqJmr5t7fJUAisjcD0FrsJA7Fz4AEdeRmral0wcFzHQL:MUJM2fJUPsdy4t7fJUPsdGARNEIvlCg

Details
File Type: HTML

Yara Hits

Source
http://advantiixspa.tk/yg/nn.exe

Strings
<html> <head> <title>advantiixspa.tk</title> <meta http-equiv="refresh" content="1; URL=http://domain.dot.tk/p/?d=ADVANTIIXSPA.TK&i=173.254.233.139&c=1&ro=0&ref=unknown&_=1549982002415"/> <script type="text/javascript"> <!-- function redir(){ var $fwd = 'http://domain.dot.tk/p/?d=ADVANTIIXSPA.TK&i=173.254.233.139&c=1&ro=0&ref=unknown&_=1549982002415'; if(window.parent){ window.parent.location=$fwd; }else{ window.location=$fwd; }} //--> </script> </head> <body onload="redir()"> <script language="text/javascript"> <!-- window.setTimeout('redir();', 50 * 1); //--> </script> </body> </html>

Strings

		<html> 
  <head>
    <title>advantiixspa.tk</title>
    <meta http-equiv="refresh" content="1; URL=http://domain.dot.tk/p/?d=ADVANTIIXSPA.TK&i=173.254.233.139&c=1&ro=0&ref=unknown&_=1549982002415"/>
    <script type="text/javascript">
    <!--
      function redir(){ var $fwd = 'http://domain.dot.tk/p/?d=ADVANTIIXSPA.TK&i=173.254.233.139&c=1&ro=0&ref=unknown&_=1549982002415'; if(window.parent){ window.parent.location=$fwd; }else{ window.location=$fwd; }}
    //-->
    </script>
  </head>
  <body onload="redir()">
    <script language="text/javascript">
    <!--
      window.setTimeout('redir();', 50 * 1);
    //-->
    </script>
  </body>
</html>