Submitted URL: https://www.evernote.com/shard/s601/sh/37d985c2-2862-575c-145e-8cd169549bc8/518d16a0d112c168ac6c447977a15cc1

Status: finished
Submission Time: 2022-08-31 23:52:41 +02:00
Verdict: Malicious
Classification: Phishing
Detection: HTMLPhisher

Details

  • Analysis ID: 694563
  • API (Web) ID: 1062042
  • Analysis Started: 2022-08-31 23:52:42 +02:00
  • Analysis Finished: 2022-08-31 23:57:48 +02:00

System: Windows 10 64 bit version 1909 (MS Office 2019, IE 11, Chrome 91, Firefox 88, Adobe Reader DC 21, Java 8 u291, 7-Zip)

Verdict: malicious (score 80/100)

IPs

IP                 Country          Detection
142.250.186.78     United States
142.250.185.68     United States
172.217.16.205     United States
68.65.122.75       United States
35.168.242.161     United States
74.125.140.154     United States
18.66.248.14       United States
239.255.255.250    Reserved
35.190.3.250       United States

Domains

Name                                       IP                 Detection
wtrt62.glitch.me                           35.168.242.161
wnntrucking.net                            68.65.122.75
accounts.google.com                        172.217.16.205
stats.l.doubleclick.net                    74.125.140.154
dashboard.svc.www.evernote.com             35.190.3.250
www.google.com                             172.217.16.132
auth-cloudfront.prod.ims.adobejanus.com    18.66.248.14
clients.l.google.com                       0.0.0.0
use.typekit.net                            0.0.0.0
clients2.google.com                        0.0.0.0
content.evernote.com                       0.0.0.0
www.evernote.com                           0.0.0.0
stats.g.doubleclick.net                    0.0.0.0
cdn.glitch.global                          0.0.0.0

URLs

Name Detection
file:///C:/Users/user/Downloads/message.html
https://www.evernote.com/shard/s601/client/snv?noteGuid=37d985c2-2862-575c-145e-8cd169549bc8&noteKey=518d16a0d112c168ac6c447977a15cc1&sn=https%3A%2F%2Fwww.evernote.com%2Fshard%2Fs601%2Fsh%2F37d985c2-2862-575c-145e-8cd169549bc8%2F518d16a0d112c168ac6c447977a15cc1&title=County%2Bof%2BMarin
https://wnntrucking.net/wp-includes/js/css/89hhdis.php
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.102&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://dashboard.svc.www.evernote.com/app/nv/ce/note_viewer_ce.3f5a792446497fedcefe.js
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-before-unchecked.ed4d0e5dfd5dea7b3ca2d0009433c527.png
https://dashboard.svc.www.evernote.com/app/nv/en.9677374f5226e3503d72.js
https://wtrt62.glitch.me/styles.23802016.css
https://www.evernote.com/shard/s601/client/snv/ce
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-before-checked@2x.87213c0ded0782f6022161f7d871234a.png
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-before-checked.8aea89f504987c4f067bc6a76ef46aee.png
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-unchecked.176215f068a388a063888b3512d0a1a4.png
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-unchecked@2x.c3c4ff13b71dfbc14ef9a45a561a92a2.png
https://dashboard.svc.www.evernote.com/app/nv/icons-1ec2b385e995168bc5bb4934b116d4a6/favicon.ico
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://dashboard.svc.www.evernote.com/app/nv/vendors~main.09d176dfea5b9d297bca.js
https://www.google.com/chrome/
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-checked@2x.11f80f43dc76ab8d3830eb04f348a2d7.png
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-285778-5&cid=945071781.1661982799&jid=1442971979&gjid=383102579&_gid=83092774.1661982799&_u=YGBAgEABAAAAAE~&z=84565900
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-before-unchecked@2x.16dd62aafb400734f63f9359d38353b5.png
https://dashboard.svc.www.evernote.com/app/nv/ce/ce-001e22adb7.js
https://dashboard.svc.www.evernote.com/app/nv/main.7df2ea8aefc64dfe7f5f.js
https://dashboard.svc.www.evernote.com/app/nv/ce/note_viewer_ce.8df7565ed507240152c9.css
https://dashboard.svc.www.evernote.com/app/nv/ce/ce-450b2463e5.css
https://dashboard.svc.www.evernote.com/app/nv/ce/images/todo-checked.7590e8cd2c641835fc28e0b773603bba.png
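Most of the network indicators above are not the phisher's: the Evernote note viewer hosts the lure (the `snv` URL carries the title "County of Marin"), and Chrome, Google, DoubleClick, Adobe and Typekit traffic is the sandbox browser and the lure page doing their normal work. What is actually actionable is the user project on `wtrt62.glitch.me` serving the kit's stylesheet and the `.php` endpoint on `wnntrucking.net` under a WordPress path, which is the probable credential POST target for the dropped `message.html`. The script below is an added triage example, not part of this report or of the sandbox's tooling; the indicator values are copied from the tables above, while the `BENIGN_SUFFIXES` allowlist, the reading of `0.0.0.0` as "name seen but no resolution observed", and the `.php`/WordPress-path heuristic are assumptions made for this example.

```python
"""Triage the network IOCs from the HTMLPhisher sandbox report above.

Added example, not part of the report or its tooling. Indicator values are
copied from the report's Domains and URLs tables; the allowlist and the
credential-collector heuristic are assumptions made for this example.
"""
import ipaddress
from urllib.parse import urlsplit

# Domain -> IP pairs copied from the report's "Domains" table.
DOMAINS = {
    "wtrt62.glitch.me": "35.168.242.161",
    "wnntrucking.net": "68.65.122.75",
    "accounts.google.com": "172.217.16.205",
    "stats.l.doubleclick.net": "74.125.140.154",
    "dashboard.svc.www.evernote.com": "35.190.3.250",
    "www.google.com": "172.217.16.132",
    "auth-cloudfront.prod.ims.adobejanus.com": "18.66.248.14",
    "clients.l.google.com": "142.250.186.78",
    "use.typekit.net": "0.0.0.0",
    "clients2.google.com": "0.0.0.0",
    "content.evernote.com": "0.0.0.0",
    "www.evernote.com": "0.0.0.0",
    "stats.g.doubleclick.net": "0.0.0.0",
    "cdn.glitch.global": "0.0.0.0",
}

# A subset of the report's "URLs" table (the longest query strings left out).
URLS = [
    "file:///C:/Users/user/Downloads/message.html",
    "https://www.evernote.com/shard/s601/client/snv/ce",
    "https://wnntrucking.net/wp-includes/js/css/89hhdis.php",
    "https://wtrt62.glitch.me/styles.23802016.css",
    "https://www.google.com/chrome/",
    "https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard",
    "https://dashboard.svc.www.evernote.com/app/nv/main.7df2ea8aefc64dfe7f5f.js",
]

# Assumed allowlist: services the sandbox's Chrome contacts on its own (update,
# account and telemetry checks) plus the Evernote viewer that hosts the lure.
# glitch.global is Glitch's shared CDN, but a *.glitch.me name is a user-owned
# project, so it is deliberately NOT on the list.
BENIGN_SUFFIXES = (
    "google.com", "doubleclick.net", "evernote.com",
    "adobejanus.com", "typekit.net", "glitch.global",
)


def is_benign_host(host: str) -> bool:
    """True if host is, or is a subdomain of, an allowlisted service."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in BENIGN_SUFFIXES)


def classify_ip(ip: str) -> str:
    """Separate real peers from artefacts in the report's IP table."""
    addr = ipaddress.ip_address(ip)
    if addr.is_unspecified:   # 0.0.0.0: assumed to mean no resolution was observed
        return "unresolved"
    if addr.is_multicast:     # 239.255.255.250 is SSDP discovery chatter from the guest
        return "multicast-noise"
    if addr.is_private or addr.is_loopback:
        return "local"
    return "contacted"


def triage_urls(urls):
    """Bucket each URL as a local file, an allowlisted service, or suspect."""
    buckets = {"local": [], "benign": [], "suspect": []}
    for url in urls:
        parts = urlsplit(url)
        if parts.scheme == "file":
            buckets["local"].append(url)
        elif is_benign_host(parts.hostname or ""):
            buckets["benign"].append(url)
        else:
            buckets["suspect"].append(url)
    return buckets


def collector_hint(url: str):
    """Heuristic (assumption): a .php endpoint on a non-allowlisted host is the
    probable credential POST target of an HTML phisher; a path under
    wp-includes/ or wp-content/ additionally suggests a compromised WordPress
    site hosting the kit. Returns None when the heuristic does not fire."""
    parts = urlsplit(url)
    if is_benign_host(parts.hostname or "") or not parts.path.lower().endswith(".php"):
        return None
    if "/wp-includes/" in parts.path or "/wp-content/" in parts.path:
        return "php endpoint under a WordPress path: kit likely on a compromised WordPress site"
    return "php endpoint on non-allowlisted host: probable credential POST target"


def suspect_hosts(domains):
    """Non-allowlisted names that actually resolved: the infrastructure to block and hunt for."""
    return sorted((h, ip) for h, ip in domains.items()
                  if not is_benign_host(h) and classify_ip(ip) == "contacted")


if __name__ == "__main__":
    for host, ip in suspect_hosts(DOMAINS):
        print(f"block/hunt: {host} ({ip})")
    for url in triage_urls(URLS)["suspect"]:
        print(f"suspect URL: {url}  {collector_hint(url) or ''}")
```

The allowlist is by design coarse (second-level suffix match): the point is to strip the browser's and the lure host's own traffic so the two attacker-controlled endpoints stand out, not to vouch for every subdomain of those services. Swap `DOMAINS` and `URLS` for the IOC export of another HTMLPhisher run and the same filter applies.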

Dropped files

Name: C:\Users\user\Downloads\11cb7930-bbe1-4640-886e-fa22ba519cfc.tmp
File Type: HTML document, ASCII text, with very long lines, with CRLF line terminators

Name: C:\Users\user\Downloads\message.html (copy)
File Type: HTML document, ASCII text, with very long lines, with CRLF line terminators

Name: C:\Users\user\Downloads\message.html.crdownload
File Type: HTML document, ASCII text, with very long lines, with CRLF line terminators