WEBMAIL phish running on qkjwjhf[.]cf

1. Found: 2018-03-30 10:54:56
2. URL: http://qkjwjhf.cf/staticweb.accountverification.com-qkjwjhf.cf.zip
3. File: staticweb.accountverification.com-qkjwjhf.cf.zip
4. Domain: qkjwjhf.cf
5. Target: WEBMAIL
6. Name Size Date MD5 staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/126/accounts.php 93942 2017-09-09 11:04:58 b6687cbb5ca7a0650b43f5450835b802
7. File appears in 3 kits
8. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/126/geoplugin.class.php 4338 2017-09-09 11:04:58 89fd0b818f3c0793f136fe6141bc266f
9. File appears in 40 kits
10. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/126/hellion.php 2241 2017-10-02 22:39:20 844774f91203095187d9add1e8ed7f94
11. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/126/index.php 1008 2017-09-09 11:04:58 51dfc4a258f062bf445ed3fc2c57916c
12. File appears in 25 kits
13. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/163/accounts.php 100866 2017-09-09 11:04:58 ae7812bb2bc21f2e1fe98db9f5b1f90c
14. File appears in 3 kits
15. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/163/code.png 21540 2017-09-09 11:04:58 5437dfd45dea55e79d832e44985d5526
16. File appears in 30 kits
17. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/163/geoplugin.class.php 4338 2017-09-09 11:05:00 89fd0b818f3c0793f136fe6141bc266f
18. File appears in 40 kits
19. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/163/hellion.php 2234 2018-02-21 22:16:32 08cf50d1ecd027b4ace50656e547d67a
20. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/163/index.php 1008 2017-09-09 11:05:02 51dfc4a258f062bf445ed3fc2c57916c
21. File appears in 25 kits
22. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/163/promPic.jpg 145434 2017-09-09 11:05:02 3d8afd2aff3dbebbf6e484aabcf62b4f
23. File appears in 30 kits
24. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/end.php 953 2017-09-09 11:05:02 9a21458627ec6636b4150cc0d377bcc2
25. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/flogon.js 4197 2017-09-09 11:05:02 bdea90d626df8985a6b776ad857873a4
26. File appears in 28 kits
27. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/geoplugin.class.php 4338 2017-09-09 11:05:02 7e79e7c99462b748cb7383f0a94c7af8
28. File appears in 27 kits
29. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/hellion.php 2357 2017-10-02 22:39:40 fc97c5756e52a707985260573f383684
30. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/hellion/lgntopl.gif 4375 2017-09-09 11:08:46 3606446dbda031ee0c2c624b1a23bb7a
31. File appears in 25 kits
32. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/hellion/lgntopr.gif 581 2017-09-09 11:08:46 031bed6f568fbddddf550a97400b273f
33. File appears in 46 kits and under 3 different file names
34. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/index.php 1038 2017-09-09 11:05:02 c9ad697aa90f05bd58b4fae4c138d7f3
35. File appears in 21 kits
36. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/login.php 11954 2017-09-09 11:05:02 ffc09c02736eac97b678450337ebc54e
37. File appears in 20 kits
38. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/logon.css 2519 2017-09-09 11:05:04 7c7c47bf6228a15df7ac83946dae580d
39. File appears in 26 kits
40. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/owafont.css 4820 2017-09-09 11:05:04 3a01d9b90d24f39ac4c4b015b071fe64
41. File appears in 26 kits
42. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/general/success.php 9717 2017-10-02 22:43:32 2cd420677e1726c852ccfc1860c67bca
43. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/gmail/geoplugin.class.php 4273 2017-09-09 11:05:04 e817b1a8bca7f2e8ccb3d11edb120b5d
44. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/gmail/index.php 1093 2017-09-09 11:05:04 1140a76eeb0edb08ee466b21cc0da91d
45. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/gmail/mail.php 69981 2017-09-09 11:05:04 740cf3d6f895dad89d3f555c22fdce43
46. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/gmail/sender.php 2307 2017-10-02 22:39:56 058e7341169732c7967a6d91a53225f9
47. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/gmail/verification.php 43506 2017-09-09 11:05:04 c95b5c2f5fcb92adf3cdfd27f22ab7bb
48. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/gmail/verified.accounts.google.php 4011 2017-09-09 11:05:04 8882851fa2a47039b1e24214492d871f
49. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/accts.php 6953 2017-09-09 11:05:04 bf57c4c555f3660f20758118d3b1e2c3
50. File appears in 20 kits
51. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/geoplugin.class.php 4339 2017-09-09 11:05:06 e640ad2bfa0f56fef8404e4575b268f9
52. File appears in 25 kits
53. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion.php 2423 2017-10-02 22:40:06 cac3c9b1640c384566062efc01faddc7
54. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/14441.htm 755 2017-09-09 11:08:46 4d558a5e25968150d65dbb2900e44934
55. File appears in 25 kits
56. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/big-feedback_ltr.png 3638 2017-09-09 11:08:46 7cf20c68fd4e468013c001536b0bc796
57. File appears in 75 kits
58. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/controls.png 5218 2017-09-09 11:08:46 b1647dd6fd0d21b4c0b05a7bf9e1356b
59. File appears in 41 kits
60. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/EN-US(1).htm 1937 2017-09-09 11:08:46 ff430c056b98f7056d4f91b3b671ca5b
61. File appears in 31 kits
62. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/EN-US.htm 627 2017-09-09 11:08:48 a8ce4b070465692357bd7508672a446f
63. File appears in 33 kits
64. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/ht_microsoft_cc_120823_wg.jpg 7898 2017-09-09 11:08:50 034d0457cdb40a9f9648c7c2f656e31f
65. File appears in 31 kits
66. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/logo_mail.png 5104 2017-09-09 11:08:50 4901cfc069f5d64ec8d47550486cb420
67. File appears in 580 kits and under 5 different file names
68. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/memorialday475x340.png 389601 2017-09-09 11:08:50 71832e491b0ca15ef26a9b91d55eb5df
69. File appears in 31 kits
70. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/Outlook_Logo_140x40_ltr.png 3907 2017-09-09 11:08:50 13943c1b8f7c108e8e2efb7b5f66fe4c
71. File appears in 75 kits
72. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/Outlook_SISU Refresh_Categories.jpg 64545 2017-09-09 11:08:50 cc6f9fbf7f0aecde0f8b0198e1fbfd20
73. File appears in 25 kits
74. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/progressindicator.gif 12304 2017-09-09 11:08:50 c14861e598c2b51f624ad32b729c60a0
75. File appears in 81 kits
76. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/R3WinLive1033.css 25349 2017-09-09 11:08:50 9844843e1f22c95720e3558653486a2d
77. File appears in 43 kits
78. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/style.css 5719 2017-09-09 11:08:50 6b90d21424b1293c704745d143acd2c9
79. File appears in 54 kits and under 2 different file names
80. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/style2.css 6914 2017-09-09 11:08:50 63ec8aa2725a9ab9e81ff25c2ba4abae
81. File appears in 45 kits
82. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/style_win8.css 1622 2017-09-09 11:08:52 37353d24572c1835d1982560bdc755d4
83. File appears in 72 kits and under 2 different file names
84. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/hellion/Windows_Live_v_thumb.jpg 3141 2017-09-09 11:08:54 d852a492a7aa83377ab4d563f2bbcb7a
85. File appears in 31 kits
86. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/index.php 1163 2017-09-09 11:05:08 fe7d6ae5b6ef36363d22350a3b348e03
87. File appears in 20 kits
88. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/maintenance.php 2121 2017-09-09 11:05:08 c6775e9eef9fea5558322146fec68686
89. File appears in 20 kits
90. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/hotmail/success.php 1935 2017-09-09 11:05:08 c877dbacfa102caa58e3e852a295745f
91. File appears in 20 kits
92. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/index.php 2628 2017-09-09 11:01:10 bb02ed570f4a2e94b46311c0a1dd1f4b
93. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/README.txt 1557 2017-09-09 11:01:10 f94d84ff229258baeee6f6793662b1be
94. File appears in 25 kits
95. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.126/geoplugin.class.php 4337 2017-09-09 11:05:10 24ab3ed282311a6fabd973b9f51eb2de
96. File appears in 27 kits
97. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.126/hellion.php 2555 2017-10-02 22:40:16 87dcd20f5c93ddc5354429e6cf9b9895
98. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.126/index.php 1012 2017-09-09 11:05:10 bf668c98bf0de8bd3d52c9c3aba349d0
99. File appears in 3 kits
100. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.126/vip.126.com.php 14778 2017-09-09 11:05:14 17dd0e0c56ebe5355687a14c24f154d5
101. File appears in 3 kits
102. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.163/geoplugin.class.php 4338 2017-09-09 11:05:14 89fd0b818f3c0793f136fe6141bc266f
103. File appears in 40 kits
104. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.163/hellion.php 2448 2017-10-02 22:40:28 8b2f834e67b04a9636c87f0dec60199e
105. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.163/index.php 1006 2017-09-09 11:05:14 6a6dd415ad8410a65cd330f2b2fd9772
106. File appears in 3 kits
107. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/vip.163/vip.163.com.php 14725 2017-09-09 11:05:14 efea86312b76989f561ba8d3ab0d6266
108. File appears in 3 kits
109. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/geoplugin.class.php 4337 2017-09-09 11:05:14 24ab3ed282311a6fabd973b9f51eb2de
110. File appears in 27 kits
111. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/hellion.php 2327 2017-10-02 22:40:38 7607f847ae9210e3acdec13f4cdef636
112. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/hellion/base-ltr.css 11553 2017-09-09 11:08:46 f5c5c2834e94d741213856bddf53c2bb
113. File appears in 25 kits
114. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/hellion/modules.js 7536 2017-09-09 11:08:46 1528053bcbdc9674f84cc4eebae5f8dc
115. File appears in 25 kits
116. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/hellion/yui-config.js 306 2017-09-09 11:08:46 61b9be2477d752fa5ba402dc7308d368
117. File appears in 25 kits
118. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/index.php 1087 2017-09-09 11:05:14 17c78dfdc1b513962a254bc80da63b56
119. File appears in 20 kits
120. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/pass.php 15021 2017-09-09 11:05:14 4ea7ab9ca5fd5dd4be700e1f7615a51c
121. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yahoo/success.php 8622 2017-09-09 11:05:14 7bd315b156ce0354ce9928ca1c431233
122. File appears in 20 kits
123. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yeah/geoplugin.class.php 4337 2017-09-09 11:05:16 24ab3ed282311a6fabd973b9f51eb2de
124. File appears in 27 kits
125. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yeah/hellion.php 2465 2017-10-02 22:40:50 0d7d0c6c8014080312a6f7a14bb9dbba
126. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yeah/index.php 1009 2017-09-09 11:05:18 d4e1b69d9e83343c3fff3d8b5ff09831
127. File appears in 23 kits
128. staticweb.accountverification.com-qkjwjhf.cf/staticweb.accountverification.com/yeah/yeah.net.php 47301 2017-09-09 11:05:18 643f6959401f5af5ccd42d6aee6dcb9a
129. File appears in 23 kits
130.  
131. 6 Email addresses found:
132. team_pbg@yahoo.com (appears in 38 kits)
133. sureblessings101@mail.ru
134. '@163.com (appears in 46 kits)
135. team_p@mail.com
136. team_p@mail.combla-emailadd-bla
137. '@yahoo.com (appears in 24 kits)
138.  
139.  
140.  
141. https://texasmalwareblog.blogspot.com @phish_total