top title background image
flash

https://www.tevf.nl

Status: finished
Submission Time: 2019-09-11 20:48:42 +02:00
Malicious
Phishing

Comments

Tags

Details

  • Analysis ID:
    173098
  • API (Web) ID:
    240665
  • Analysis Started:
    2019-09-11 20:49:13 +02:00
  • Analysis Finished:
    2019-09-11 20:59:04 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 52
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP Country Detection
40.122.32.51
United States
104.41.229.199
United States
152.199.23.37
United States

Domains

Name IP Detection
www.tevf.nl
0.0.0.0
cs1100.wpc.omegacdn.net
152.199.23.37
waws-prod-msftdb3-901.sip.azurewebsites.windows.net
104.41.229.199
Click to see the 6 hidden entries
ssl.wohls.azurewebsites.net
40.122.32.51
secure.aadcdn.microsoftonline-p.com
0.0.0.0
support-db3.scm.azurewebsites.net
0.0.0.0
aadcdn.msftauth.net
0.0.0.0
login.microsoftonline.com
0.0.0.0
ajax.aspnetcdn.com
0.0.0.0

URLs

Name Detection
https://www.tevf.nl/J
https://www.tevf.nl/Root
https://www.tevf.nl/
Click to see the 27 hidden entries
https://www.tevf.nl/JMicrosoft
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_78gr_8do2p
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_mbqre5pw01euigudkiyms
http://www.reddit.com/
http://www.live.com/
https://aadcdn.msftauth.net
http://www.wikipedia.com/
https://github.com/twbs/bootstrap/blob/master/LICENSE)
https://login.microsoftonline.com/jsdisabled
http://www.youtube.com/
https://login.microsof
http://www.opensource.org/licenses/mit-license.php)
https://github.com/twbs/bootstrap/graphs/contributors)
https://login.microsoftonline.com/
https://ajax.aspnetcdn.com/ajax/bootstrap/4.1.1/css/bootstrap.min.css
http://www.twitter.com/
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
https://getbootstrap.com/)
https://github.com/douglascrockford/JSON-js
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
http://knockoutjs.com/
http://www.amazon.com/
https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&redirect_uri=https%3A%2
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.pcore.min_q6j9gbg8znquecf
http://www.nytimes.com/
https://login.microsofJ

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3PRWWXOM\bootstrap.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Temp\~DF75676DA93CF54E0B.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF60A22F320E0C447D.TMP
data
#
Click to see the 29 hidden entries
C:\Users\user\AppData\Local\Temp\~DF5DF07C874214427B.TMP
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\LTYLVBDO\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\LTYLVBDO\favicon[1].ico
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\LTYLVBDO\DXCKV5V0.htm
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATZL2J9G\ux.converged.login.pcore.min_q6j9gbg8znquecfrupl4ra2[1].js
UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATZL2J9G\converged.v2.login.min_mbqre5pw01euigudkiymsa2[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATZL2J9G\authorize[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8WQYDQEU\picker_account_aad_9de70d1c5191d1852a0d5aac28b44a6c[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8WQYDQEU\main[1].css
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8WQYDQEU\loc.min[1].js
UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8WQYDQEU\generic[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3PRWWXOM\jquery-3.2.1.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3PRWWXOM\info_4883eb1a3cbdddf5a79e28d320cfe5a9[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71E80E0E-D510-11E9-AADE-44C1B3FB757B}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3PRWWXOM\bootstrap.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3PRWWXOM\bannerlogo[1]
PNG image data, 187 x 35, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6o07ku1\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7882137A-D510-11E9-AADE-44C1B3FB757B}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71E80E10-D510-11E9-AADE-44C1B3FB757B}.dat
Microsoft Word Document
#