Windows Analysis Report
https://freeusps.com/collections/2018/products/love-flourishes-2018-4946?data_from=collection_detail

Overview

General Information

Sample URL: https://freeusps.com/collections/2018/products/love-flourishes-2018-4946?data_from=collection_detail
Analysis ID: 1487420
Infos:

Detection

Score: 80
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
HTML body with high number of embedded SVGs detected
HTML page contains hidden javascript code
HTML page contains string obfuscation
HTML title does not match URL
Stores files to the Windows start menu directory
Suspicious form URL found
Uses insecure TLS / SSL version for HTTPS connection

Classification

  • System is w10x64
  • chrome.exe (PID: 1248 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 2148 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 --field-trial-handle=2452,i,18170672456423597580,1559712562036951568,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 3504 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://freeusps.com/collections/2018/products/love-flourishes-2018-4946?data_from=collection_detail" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched
Timestamp: 2024-08-04T00:59:11.411824+0200
SID: 2012510
Source Port: 443
Destination Port: 49905
Protocol: TCP
Classtype: Potentially Bad Traffic