Sample details: 379d5568ff3caab8534abb8b9e399df1 --

Hashes
MD5: 379d5568ff3caab8534abb8b9e399df1
SHA1: f0f2bf94cf492ecdb8987d097b1f7d33c3c20ce7
SHA256: 492db37af842b66af255509724c300a16cb4cb54b041aa4a2d85cbfaddc6e6e5
SSDEEP: 192:QeHmn/3Yf6jIB9h+QdNHMBtLZ0h2zpqMwK2PjpqM/wjB0jGivymo:7f6jIB/tHHMWrvBPQJL
Details
File Type: HTML
Yara Hits
YRP/domain | YRP/url | YRP/contentis_base64 | YRP/Big_Numbers1 | YRP/memory_shylock |
Source
http://learn.cloudience.com/ojekwaeng/yugo/shit.exe
Strings
		<!DOCTYPE html>
	<!--[if IE 8]>
		<html xmlns="http://www.w3.org/1999/xhtml" class="ie8" lang="en-US">
	<![endif]-->
	<!--[if !(IE 8) ]><!-->
		<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
	<!--<![endif]-->
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
	<title>Log In &lsaquo; Cloudience Learning Portal &#8212; WordPress</title>
	<link rel='dns-prefetch' href='//s.w.org' />
<link rel='stylesheet' id='dashicons-css'  href='https://learn.cloudience.com/wp-includes/css/dashicons.min.css?ver=5.1.1' type='text/css' media='all' />
<link rel='stylesheet' id='buttons-css'  href='https://learn.cloudience.com/wp-includes/css/buttons.min.css?ver=5.1.1' type='text/css' media='all' />
<link rel='stylesheet' id='forms-css'  href='https://learn.cloudience.com/wp-admin/css/forms.min.css?ver=5.1.1' type='text/css' media='all' />
<link rel='stylesheet' id='l10n-css'  href='https://learn.cloudience.com/wp-admin/css/l10n.min.css?ver=5.1.1' type='text/css' media='all' />
<link rel='stylesheet' id='login-css'  href='https://learn.cloudience.com/wp-admin/css/login.min.css?ver=5.1.1' type='text/css' media='all' />
<script type="text/javascript">
(function(url){
	if(/(?:Chrome\/26\.0\.1410\.63 Safari\/537\.31|WordfenceTestMonBot)/.test(navigator.userAgent)){ return; }
	var addEvent = function(evt, handler) {
		if (window.addEventListener) {
			document.addEventListener(evt, handler, false);
		} else if (window.attachEvent) {
			document.attachEvent('on' + evt, handler);
	var removeEvent = function(evt, handler) {
		if (window.removeEventListener) {
			document.removeEventListener(evt, handler, false);
		} else if (window.detachEvent) {
			document.detachEvent('on' + evt, handler);
	var evts = 'contextmenu dblclick drag dragend dragenter dragleave dragover dragstart drop keydown keypress keyup mousedown mousemove mouseout mouseover mouseup mousewheel scroll'.split(' ');
	var logHuman = function() {
		if (window.wfLogHumanRan) { return; }
		window.wfLogHumanRan = true;
		var wfscr = document.createElement('script');
		wfscr.type = 'text/javascript';
		wfscr.async = true;
		wfscr.src = url + '&r=' + Math.random();
		(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(wfscr);
		for (var i = 0; i < evts.length; i++) {
			removeEvent(evts[i], logHuman);
	for (var i = 0; i < evts.length; i++) {
		addEvent(evts[i], logHuman);
})('//learn.cloudience.com/?wordfence_lh=1&hid=CEBE0907D674200759D926D00EC641B3');
</script><style>
#custom-logo {
	width:100%;
	text-align: center;
	padding:0 0 10px 0;
	margin-top: 5em;
	opacity: 1;
#login {
	margin-top: 10px !important;
	padding-top:0;
#login-wrapper {
	background:#0089CA;position:absolute;display:block; width:100%; height:100%; top:0; left:0; overflow:auto;
.login-wrapped {
	padding:0 0 0 0 !important;
	margin:0 0 0 0 !important;
#login,
#custom-logo {
position:relative;
top:0px;
left:0px;
.login label, label {
	color:#d6d6d6;
	font-size:14px;
.login form,
form {
	-moz-border-radius: 15px 5px 15px 5px;
	-khtml-border-radius: 15px 5px 15px 5px;
	-webkit-border-radius: 15px 5px 15px 5px;
	border-radius: 15px 5px 15px 5px;
	background: url(https://learn.cloudience.com/wp-content/uploads/2018/10/cyber security course99.jpg) inherit inherit left top inherit;
	border: 2px solid #005A90;
	-moz-box-shadow: rgba(54, 54, 54, 0.7) 0px 0px 5px 3px;
	-webkit-box-shadow: rgba(54, 54, 54, 0.7) 0px 0px 5px 3px;
	-khtml-box-shadow: rgba(54, 54, 54, 0.7) 0px 0px 5px 3px;
	box-shadow: rgba(54, 54, 54, 0.7) 0px 0px 5px 3px;
	opacity: 1;
body form .input  {
	background-color:ececec;
	border-color:#005A90;
	-moz-box-shadow: rgba(255, 255, 255, 0.9) 1px 1px 2px inset;
	-webkit-box-shadow: rgba(255, 255, 255, 0.9) 1px 1px 2px inset;
	-khtml-box-shadow: rgba(255, 255, 255, 0.9) 1px 1px 2px inset;
	box-shadow: rgba(255, 255, 255, 0.9) 1px 1px 2px inset;
.wp-core-ui .button-primary,
input.button-primary:active, button.button-primary:active, a.button-primary:active,
input.button-primary, button.button-primary, a.button-primary {
	color: #ffffff;
	background-color: #6c9833;
	background:-moz-linear-gradient(top,#6c9833, #44700b);
	background:-webkit-gradient(linear, left top, left bottom, from(#6c9833), to(#44700b));
	filter:  progid:DXImageTransform.Microsoft.gradient(startColorStr='#6c9833', EndColorStr='#44700b');
	border-color:#5a8621;
.wp-core-ui .button-primary:active,
.wp-core-ui .button-primary.hover, .wp-core-ui .button-primary:hover, .wp-core-ui .button-primary.focus, .wp-core-ui .button-primary:focus,
input.button-primary:hover, button.button-primary:hover, a.button-primary:hover {
	color: #ffffff;
	background-color: #7da944;
	background:-moz-linear-gradient(top,#7da944, #55811c);
	background:-webkit-gradient(linear, left top, left bottom, from(#7da944), to(#55811c));
	filter:  progid:DXImageTransform.Microsoft.gradient(startColorStr='#7da944', EndColorStr='#55811c');
	border-color:#6b9732;
</style>
<script type="text/javascript" src="https://learn.cloudience.com/wp-content/plugins/white-label-branding/js/jquery.js"></script>
<script>
jQuery(document).ready(function($){
	if($('body.login > #login').length>0){
	$('#login h1').remove();
	$('body').prepend('<div id="custom-logo"><a href="https://learn.cloudience.com"><img border="0" src="https://learn.cloudience.com/wp-content/uploads/2018/10/Cloudience-300-White.png" /></a></div>');	
	 apply_login_background();
	$(window).resize(function(e){
		if( $(this).width()<480 ){
			if( ! $('body').hasClass('wlb-small-login') ){
				$('body').addClass('wlb-small-login');
				apply_custom_login_template();
		}else{
			if( $('body').hasClass('wlb-small-login') ){
				$('body').removeClass('wlb-small-login');
				apply_custom_login_template();
	}).resize();
	apply_custom_login_template();
function apply_login_background(){
	jQuery(document).ready(function($){
	var con = $('body').children();
	$('body').append('<div id="login-wrapper"></div>');
	$('#login-wrapper').append( con );
	//not working well on latest wp: $('<div id="login-wrapper"></div>').append( $('body').children() ).appendTo('body');
	$('body').addClass('login-wrapped');
function apply_custom_login_template(){
	jQuery(document).ready(function($){
		var _template = '';
		if($('body').hasClass('wlb-small-login')){
					}else{
					}
		if(''!=_template){
			var con = $('body').children();
			$('body').prepend('<div id="custom-logo"><a href="https://learn.cloudience.com"><img border="0" src="https://learn.cloudience.com/wp-content/uploads/2018/10/Cloudience-300-White.png" /></a></div>');//custom logo.
			$('body').append('<div id="hide-wrapper" style="display:none;"></div>');
			$('#hide-wrapper').append( con );
			//$('<div id="hide-wrapper" style="display:none;"></div>').append( $('body').children() ).appendTo('body');	
			$('#hide-wrapper').hide();
			$('body').append( _template )
				.find('#login-form-holder').append($('#login')).end()
				.find('#login-back-link').append($('#backtoblog a')).end()
				.find('#login-custom-logo').append($('#custom-logo')).end()
			$('#hide-wrapper').remove();
			apply_login_background();
			$('#login').show();
</script>
.login #backtoblog a, .login #nav a {color: #fff;}	<meta name='robots' content='noindex,noarchive' />
	<meta name='referrer' content='strict-origin-when-cross-origin' />
		<meta name="viewport" content="width=device-width" />
		</head>
	<body class="login login-action-login wp-core-ui  locale-en-us">
		<div id="login">
		<h1><a href="https://wordpress.org/" title="Powered by WordPress">Powered by WordPress</a></h1>
	<form name="loginform" id="loginform" action="https://learn.cloudience.com/wp-login.php" method="post">
		<label for="user_login">Username or Email Address<br />
		<input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" /></label>
		<label for="user_pass">Password<br />
		<input type="password" name="pwd" id="user_pass" class="input" value="" size="20" /></label>
			<p class="forgetmenot"><label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever"  /> Remember Me</label></p>
	<p class="submit">
		<input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="Log In" />
				<input type="hidden" name="redirect_to" value="/ojekwaeng/yugo/shit.exe" />
					<input type="hidden" name="testcookie" value="1" />
	</form>
			<p id="nav">
					<a href="https://learn.cloudience.com/wp-login.php?action=lostpassword">Lost your password?</a>
				</p>
	<script type="text/javascript">
	function wp_attempt_focus(){
	setTimeout( function(){ try{
			d = document.getElementById('user_login');
				d.focus();
	d.select();
	} catch(e){}
	}, 200);
			wp_attempt_focus();
			if(typeof wpOnload=='function')wpOnload();
			</script>
			<p id="backtoblog"><a href="https://learn.cloudience.com/">
		&larr; Back to Cloudience Learning Portal	</a></p>
	</div>
		<div class="clear"></div>
	</body>
	</html>