
Shared Note.shtml

Status: finished
Submission Time: 2023-03-20 23:10:41 +01:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    830998
  • API (Web) ID:
    1198097
  • Analysis Started:
    2023-03-20 23:10:41 +01:00
  • Analysis Finished:
    2023-03-20 23:16:18 +01:00
  • MD5:
    0d2b643a8a9740f4d532769fa2eb27cd
  • SHA1:
    ada841fd06e0b972c0dbef1cac93416504febd6d
  • SHA256:
    dd19d3a8449db2ccccaf96928a7cf9da2d6688639c13434e195ff6ac018491a7
  • Technologies:

Engine         Detection    Score    System
Joe Sandbox    malicious    56       Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP                  Country          Detection
162.214.94.29       United States
142.250.186.45      United States
104.17.24.14        United States
52.109.77.2         United States
152.199.23.72       United States
142.250.181.238     United States
52.109.32.24        United States
239.255.255.250     Reserved
13.107.237.45       United States
192.229.221.95      United States
142.250.184.228     United States

Domains

Name                                  IP                 Detection
huntsvillevacationhomes.com           162.214.94.29
accounts.google.com                   142.250.186.45
cdnjs.cloudflare.com                  104.17.24.14
www.google.com                        142.250.184.228
part-0017.t-0009.fdv2-t-msedge.net    13.107.237.45
clients.l.google.com                  142.250.181.238
cs1025.wpc.upsiloncdn.net             152.199.23.72
aadcdn.msauthimages.net               0.0.0.0
clients2.google.com                   0.0.0.0
code.jquery.com                       0.0.0.0

URLs

Name                                                                                                           Detection
file:///C:/Users/user/Desktop/Shared%20Note.shtml
https://aadcdn.msauthimages.net/dbd5a2dd-cqs0y4h-wodzlzqfzyuh-rppbvccjqbum5mzw2-hr3e/logintenantbranding/0/illustration?ts=637927455229497181
http://fontawesome.io
https://huntsvillevacationhomes.com/vfd/host15/8f6905e.php
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.102&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
http://fontawesome.io/license

Dropped files

Name                                                                                                        File Type                                                                                          Detection
C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_13929_20386-20230320T2311030492-1908.etl      data
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst                                       data
Chrome Cache Entry: 122                                                                                     gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2905
Chrome Cache Entry: 123                                                                                     troff or preprocessor input, ASCII text, with very long lines (372)
Chrome Cache Entry: 124                                                                                     PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced
Chrome Cache Entry: 125                                                                                     gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
Chrome Cache Entry: 126                                                                                     PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced
Chrome Cache Entry: 127                                                                                     gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
Chrome Cache Entry: 128                                                                                     gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2905
Chrome Cache Entry: 129                                                                                     gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
Chrome Cache Entry: 130                                                                                     gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
Chrome Cache Entry: 131                                                                                     ASCII text, with very long lines (32030)