MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (114 / 481 total)