Analysis report for http://www.ladyoscaroverview.com

Sample Overview

URL http://www.ladyoscaroverview.com
Domain www.ladyoscaroverview.com
Analysis Started 2013-07-05 00:50:58
Report Generated 2013-07-05 00:51:13
Jsand version 2.3.6

Detection results

Detector Result
Jsand 2.3.6 benign

Exploits

No exploits were identified.

Deobfuscation results

Evals

Writes

Network Activity

Requests

URL Status Content Type
http://www.ladyoscaroverview.com/ 200 text/html
about:blank 200 text/html
http://www.ladyoscaroverview.com/?fp=F6wN0phTM42e%2BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%2BbAttFLK3oGgexc4A%3D%3D&prvtof=IkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%3D&poru=rEW8jBqdMImRh%2FRwbumnLhBZqZVz9gCKSEkVRKOL5BngdF0ResUMrbGB3GM1e0DIMLOhPti6Jv0X%2FqELui2BkA%3D%3D& 200text/html
http://i2.cdn-image.com/__media__/js/min.js?v1.6 200 application/x-javascript
http://i2.cdn-image.com/__media__/pics/471/cufon-yui.js 200 application/x-javascript
http://i4.cdn-image.com/__media__/pics/471/ChunkFive_400.font.js 200 application/x-javascript
http://oascentral.register.com/RealMedia/ads/adstream_mjx.ads/register.com/skenzo/house/1213230793@Bottom,Bottom1,Bottom2? 200 application/x-javascript
http://view.atdmt.com/00F/iview/428571547/direct;wi.720;hi.300/01?click= 200 text/html
http://cdn.atdmt.com/ds/VS00FVISUVIS/720x300_FBCStamp_12759.swf?ver=1&clickTag1=http://clk.atdmt.com/go/428571547/direct;wi.720;hi.300;ai.307358798;ct.1/01&clickTag=http://clk.atdmt.com/go/428571547/direct;wi.720;hi.300;ai.307358798;ct.1/01 200 application/x-shockwave-flash
http://cdn.atdmt.com/ds/Ad.autoLoad.js?plugin=AdChoices 200 application/x-javascript
http://www.google-analytics.com/ga.js 200 text/javascript
http://www.google-analytics.com/__utm.gif?utmwv=5.4.3&utms=1&utmn=1606656719&utmhn=www.ladyoscaroverview.com&utmcs=-&utmsr=1024x768&utmvp=1256x605&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=9.0%20r115&utmdt=ladyoscaroverview.com&utmhid=1438940084&utmr=0&utmp=%2F%3Ffp%3DF6wN0phTM42e%25252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%25252BbAttFLK3oGgexc4A%25253D%25253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%25253D%26poru%3DrEW8jBqdMImRh%25252FRwbumnLhBZqZVz9gCKSEkVRKOL5BngdF0ResUMrbGB3GM1e0DIMLOhPti6Jv0X%25252FqELui2BkA%25253D%25253D%26&utmht=1373010666640&utmac=UA-3012248-27&utmcc=__utma%3D38573758.1287466073.1373010666.1373010666.1373010666.1%3B%2B__utmz%3D38573758.1373010666.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=D~ 200image/gif
http://ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90,468x60&entity=286128&site_code=ROS&section_code=816799066 200 text/html
http://ad.yieldmanager.com/imp?Z=728x90%2c468x60&e=286128&S=816799066&I=ROS&T=3&_salt=3839409364&B=10&u=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&r=0&H=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&M=3 302text/html
http://cookex.amp.yahoo.com/v2/cexposer/SIG=1jnl4j8br/*http%3A//ad.yieldmanager.com/imp?Z=728x90%2c468x60&e=286128&S=816799066&I=ROS&T=3&_salt=3839409364&B=10&u=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&r=0&H=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&M=3 302text/html
http://ad.yieldmanager.com/imp?Z=728x90%2c468x60&e=286128&S=816799066&I=ROS&T=3&_salt=3839409364&B=10&u=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&r=0&H=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&M=3&SIG=10vubtc1h;x-cookie=5t0v9q98gphat&o=3&f=f1 200application/x-javascript

Redirects

From To
http://ad.yieldmanager.com/imp?Z=728x90%2c468x60&e=286128&S=816799066&I=ROS&T=3&_salt=3839409364&B=10&u=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&r=0&H=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&M=3http://cookex.amp.yahoo.com/v2/cexposer/SIG=1jnl4j8br/*http%3A//ad.yieldmanager.com/imp?Z=728x90%2c468x60&e=286128&S=816799066&I=ROS&T=3&_salt=3839409364&B=10&u=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&r=0&H=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&M=3
http://cookex.amp.yahoo.com/v2/cexposer/SIG=1jnl4j8br/*http%3A//ad.yieldmanager.com/imp?Z=728x90%2c468x60&e=286128&S=816799066&I=ROS&T=3&_salt=3839409364&B=10&u=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&r=0&H=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&M=3http://ad.yieldmanager.com/imp?Z=728x90%2c468x60&e=286128&S=816799066&I=ROS&T=3&_salt=3839409364&B=10&u=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&r=0&H=http%3A%2F%2Fwww.ladyoscaroverview.com%2F%3Ffp%3DF6wN0phTM42e%252BYauH0TMCLEBfbG7LfoL2OEFVLCVO2yGFWM4R57uNeaSsyTBirZrL3knG%252BbAttFLK3oGgexc4A%253D%253D%26prvtof%3DIkG08jRl0GBN3HIJ63Vt2dRJZ21LDCn54BNY56lF0ZM%253D%26poru%3DrEW8jBqdMImRh%252FRwbumnLhBZqZVz9&M=3&SIG=10vubtc1h;x-cookie=5t0v9q98gphat&o=3&f=f1

ActiveX controls

Shellcode

No shellcode was identified.

Malware

Additional (potential) malware:

URL Type Hash Analysis
http://clk.atdmt.com/go/428571547/direct;wi.720;hi.300;ai.307358798;ct.$num$/01/ &ArmClickToken=$num$ HTML document text c376103a47be7744ae39e9b38729f271