top title background image
flash

November Draw Disbursed.html

Status: finished
Submission Time: 2022-11-29 19:41:58 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    756194
  • API (Web) ID:
    1123470
  • Analysis Started:
    2022-11-29 19:41:59 +01:00
  • Analysis Finished:
    2022-11-29 19:48:43 +01:00
  • MD5:
    b0d7ab3033db28748d1146d9113eb4d0
  • SHA1:
    8713ce26b53981ca8a02f943220970437edca585
  • SHA256:
    10f511546453d5867e65f35914fd43703d7f786e5b7bdfdd0fb6e1bf3c065317
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
162.19.88.69
United States
18.172.153.108
United States
104.21.40.223
United States
Click to see the 8 hidden entries
13.107.219.60
United States
68.65.123.205
United States
38.34.185.163
United States
142.250.203.110
United States
172.217.168.45
United States
172.217.168.36
United States
239.255.255.250
Reserved
188.114.97.3
European Union

Domains

Name IP Detection
descansonline.com
188.114.97.3
d26p066pn2w0s0.cloudfront.net
18.172.153.108
accounts.google.com
172.217.168.45
Click to see the 11 hidden entries
i.postimg.cc
162.19.88.69
www.google.com
172.217.168.36
code.jquery.quest
38.34.185.163
clients.l.google.com
142.250.203.110
code.jquery.com.de
38.34.185.163
maxcdn.bootstrapcdn.rest
104.21.40.223
part-0032.t-0009.fbs1-t-msedge.net
13.107.219.60
maxcdn.bootstrapcdn.cloud
68.65.123.205
clients2.google.com
0.0.0.0
logo.clearbit.com
0.0.0.0
aadcdn.msftauthimages.net
0.0.0.0

URLs

Name Detection
https://code.jquery.quest/jquery-3.5.2.min.js
https://maxcdn.bootstrapcdn.cloud/jquery-3.5.2.min.js
https://descansonline.com/wp/b1.php
Click to see the 14 hidden entries
https://code.jquery.com.de/ndata/index.php?dt=dmvpublicaffairs@dmv.ca.gov
https://maxcdn.bootstrapcdn.rest/jquery-3.5.2.min.js
https://logo.clearbit.com/dmv.ca.gov
https://code.jquery.com.de/post/index.php?title=Sign%20in%20to%20your%20account&link=file:///C:/Users/user/Desktop/November%20Draw%20Disbursed.html&time=2022-11-29%2019:43:4&ip=102.129.143.49%20:%20Switzerland
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://code.jquery.com.de/tkv/index.php?dt=QCPsVcn7rgD1hKIR25CTCLE0O
file:///C:/Users/user/Desktop/November%20Draw%20Disbursed.html
https://code.jquery.com.de/jquery-3.5.2.min.js
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://code.jquery.com.de/catch/index.php?dt=1312,5084,1312,2009,1968,2050,1886,2009,2050,2337,1886,2009,2132,2091,1886,2132,2337,1312,2378,1312,3403,4879,4305,4756,5002,4141,4674,4428,3977,4510,4100,1312,2501,2501,2542,1312,1640,1312,3403,4305,4223,4510,1312,4305,4510,1312,4756,4551,1312,4961,4551,4797,4674,1312,3977,4059,4059,4551,4797,4510,4756,1312,1681,1312,2378,1804,4100,4469,4838,4592,4797,4018,4428,4305,4059,3977,4182,4182,3977,4305,4674,4715,2624,4100,4469,4838,1886,4059,3977,1886,4223,4551,4838,1804,3403,4305,4223,4510,1312,4305,4510,1804,4756,4674,4797,4141,1804,3403,4305,4223,4510,1312,2993,4510,410
https://code.jquery.com.de/ip.php
https://descansonline.com/wp/b1.js
https://i.postimg.cc/jSY8DXQL/back.jpg
https://aadcdn.msftauthimages.net/dbd5a2dd-us0mikl89yxon-sgdcnggg1-x8-vglc85xxjmtn1cza/logintenantbranding/0/bannerlogo?ts=637227555210461681