URL Details

URL
http://mwjifyomvcoj.com/

Score

This URL appears fairly benign with a score of 0.2 out of 10.

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Information on Execution

Category Started Completed Duration Logs
URL Jan. 20, 2019, 9:24 p.m. Jan. 20, 2019, 9:25 p.m. 24 seconds

Machine

Name Label Started On Shutdown On
win7x64 win7x64 2019-01-20 21:24:42 2019-01-20 21:25:06

Analyzer Log

2019-01-20 13:24:41,046 [analyzer] DEBUG: Starting analyzer from: C:\rzjlb
2019-01-20 13:24:41,078 [analyzer] DEBUG: Pipe server name: \\.\PIPE\OwStDuHtyirkdPrPlRjin
2019-01-20 13:24:41,078 [analyzer] DEBUG: Log pipe server name: \\.\PIPE\KyuYRnqTfqLAIrzaymJCtaD
2019-01-20 13:24:43,214 [analyzer] DEBUG: Started auxiliary module Disguise
2019-01-20 13:24:43,588 [analyzer] DEBUG: Loaded monitor into process with pid 508
2019-01-20 13:24:43,588 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2019-01-20 13:24:43,588 [analyzer] DEBUG: Started auxiliary module Human
2019-01-20 13:24:43,588 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2019-01-20 13:24:43,588 [analyzer] DEBUG: Started auxiliary module Reboot
2019-01-20 13:24:43,885 [analyzer] DEBUG: Started auxiliary module RecentFiles
2019-01-20 13:24:43,885 [modules.auxiliary.screenshots] WARNING: Python Image Library is not installed, screenshots are disabled
2019-01-20 13:24:43,885 [analyzer] DEBUG: Started auxiliary module Screenshots
2019-01-20 13:24:44,088 [lib.api.process] INFO: Successfully executed process from path 'bin/execsc.exe' with arguments ['http://mwjifyomvcoj.com/'] and pid 2324
2019-01-20 13:24:44,463 [analyzer] DEBUG: Loaded monitor into process with pid 2324
2019-01-20 13:24:45,164 [lib.api.process] INFO: Memory dump of process with pid 2324 completed
2019-01-20 13:24:46,148 [analyzer] INFO: Process with pid 2324 has terminated
2019-01-20 13:24:46,148 [analyzer] INFO: Process list is empty, terminating analysis.
2019-01-20 13:24:47,161 [analyzer] INFO: Terminating remaining processes before shutdown.
2019-01-20 13:24:47,161 [analyzer] INFO: Analysis completed.

Cuckoo Log

2019-01-20 21:24:42,112 [lib.cuckoo.core.scheduler] INFO: Task #1184: acquired machine win7x64 (label=win7x64)
2019-01-20 21:24:42,226 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 6123 (interface=eth2, host=192.168.128.109, pcap=/opt/cuckoo/storage/analyses/1184/dump.pcap)
2019-01-20 21:24:48,786 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=win7x64, ip=192.168.128.109)
2019-01-20 21:25:05,522 [lib.cuckoo.core.guest] INFO: win7x64: analysis completed successfully
2019-01-20 21:25:06,625 [lib.cuckoo.core.plugins] WARNING: The processing module "Suricata" returned the following error: Unable to locate Suricata binary
2019-01-20 21:25:07,640 [elasticsearch] WARNING: HEAD http://127.0.0.1:9200/_template/cuckoo_template [status:N/A request:0.000s]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 94, in perform_request
    response = self.pool.urlopen(method, url, body, retries=False, headers=self.headers, **kw)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 643, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py", line 251, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 594, in urlopen
    chunked=chunked)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 361, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/usr/lib/python2.7/httplib.py", line 1017, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1051, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1013, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 864, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 826, in send
    self.connect()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 163, in connect
    conn = self._new_conn()
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connection.py", line 147, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7f937f515a50>: Failed to establish a new connection: [Errno 111] Connection refused
2019-01-20 21:25:07,643 [lib.cuckoo.core.plugins] ERROR: Failed to run the reporting module "ElasticSearch":
Traceback (most recent call last):
  File "/opt/cuckoo/lib/cuckoo/core/plugins.py", line 533, in process
    current.run(self.results)
  File "/opt/cuckoo/modules/reporting/elasticsearch.py", line 196, in run
    self.connect()
  File "/opt/cuckoo/modules/reporting/elasticsearch.py", line 79, in connect
    if not self.es.indices.exists_template("cuckoo_template"):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/utils.py", line 69, in _wrapped
    return func(*args, params=params, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/indices.py", line 491, in exists_template
    name), params=params)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/transport.py", line 327, in perform_request
    status, headers, data = connection.perform_request(method, url, params, body, ignore=ignore, timeout=timeout)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 105, in perform_request
    raise ConnectionError('N/A', str(e), e)
ConnectionError: ConnectionError(<urllib3.connection.HTTPConnection object at 0x7f937f515990>: Failed to establish a new connection: [Errno 111] Connection refused) caused by: NewConnectionError(<urllib3.connection.HTTPConnection object at 0x7f937f515990>: Failed to establish a new connection: [Errno 111] Connection refused)

Signatures

One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated
Jan. 20, 2019, 4:24 p.m.
__exception__
stacktrace:
execsc+0x13ea @ 0x4013ea
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x775c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77cd9ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77cd9ea5

exception.instruction_r: ff ff ff 08 00 00 00 40 0f 3e 00 88 ff 28 00 ea
exception.exception_code: 0xc000001d
exception.symbol:
exception.address: 0x28febd
registers.esp: 2684572
registers.edi: 2686648
registers.eax: 4278200566
registers.ebp: 2686664
registers.edx: 123
registers.ebx: 2684600
registers.esi: 25
registers.ecx: 1996438390
success 0 0

Screenshots

No screenshots available.

Network

DNS

No domains contacted.

Hosts

No hosts contacted.

Summary

Process execsc.exe (2324)

No static analysis available.
No antivirus signatures available.

Process Tree


execsc.exe, PID: 2324, Parent PID: 2300

Deprecation note: While processing this analysis you did not have the httpreplay Python library installed. Installing this library (i.e., pip install httpreplay) will allow Cuckoo to do more proper PCAP analysis including but not limited to showing full HTTP and HTTPS (!) requests and responses. It is recommended that you install this library and possibly reprocess any interesting analysis tasks.

TCP

No TCP connections recorded.

UDP

No UDP connections recorded.

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.
Task ID 1184
Mongo ID 5c452d8311d30812ab71ed0d
Cuckoo release 2.0-dev