
https://ytirtfaszx.appspot.com/

Status: finished
Submission Time: 2019-10-17 02:35:05 +02:00
Verdict: Malicious
Classification: Phishing

Details

  • Analysis ID:
    183362
  • API (Web) ID:
    265347
  • Analysis Started:
    2019-10-17 02:35:06 +02:00
  • Analysis Finished:
    2019-10-17 02:41:33 +02:00
  • Technologies:

Engine: Joe Sandbox
Detection: malicious
Score: 48
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP                 Country          Detection
104.103.84.102     United States
104.19.197.151     United States
104.18.53.85       United States
104.16.125.175     United States
192.229.221.185    United States
172.217.23.212     United States
152.199.23.37      United States
23.96.111.19       United States
104.27.186.182     United States

Domains

Name                                                  IP                 Detection
cloud.typography.com                                  0.0.0.0
img-prod-cms-rt-microsoft-com.akamaized.net           0.0.0.0
secure.aadcdn.microsoftonline-p.com                   0.0.0.0
client.hip.live.com                                   0.0.0.0
ajax.aspnetcdn.com                                    0.0.0.0
acctcdn.msauth.net                                    0.0.0.0
statics-marketingsites-wcus-ms-com.akamaized.net      0.0.0.0
aadcdn.msftauth.net                                   0.0.0.0
signup.live.com                                       0.0.0.0
cs1100.wpc.omegacdn.net                               152.199.23.37
aa-hip-prod.eastus.cloudapp.azure.com                 23.96.111.19
unpkg.com                                             104.16.125.175
cs1227.wpc.alphacdn.net                               192.229.221.185
bestvpn.org                                           104.18.53.85
outdatedbrowser.com                                   104.27.186.182
cdnjs.cloudflare.com                                  104.19.197.151
ytirtfaszx.appspot.com                                172.217.23.212

URLs

URL                                                   Detection
http://search.sify.com/
http://www.soso.com/
https://acctcdn.msauth.net
http://www.google.si/
https://signup.live.com/Resources/images/favicon.ico
http://aka.ms/w6r45e
https://bestvpn.org/outdatedbrowser/fr
http://search.nifty.com/
https://bestvpn.org/outdatedbrowser/public/imgs/windows-title-288x288.png
http://www.gmarket.co.kr/
http://search.yahoo.co.jp/favicon.ico
http://openimage.interpark.com/interpark.ico
https://npms.io/search?q=ponyfill.
https://bestvpn.org/outdatedbrowser/fi
https://signin.kissmetrics.com/privacy/#controls
http://www.ozu.es/favicon.ico
http://uk.search.yahoo.com/
https://outdatedbrowser.com/
http://www.rambler.ru/favicon.ico
http://list.taobao.com/browse/search_visual.htm?n=15&q=
http://google.pchome.com.tw/
http://crl.pki.goog/gsr2/gsr2.crl0?
http://browse.guardian.co.uk/favicon.ico
http://www.pchome.com.tw/favicon.ico
http://www.a9.com/
https://bestvpn.org/outdatedbrowser/et
http://www.servicios.clarin.com/
http://www.ceneo.pl/favicon.ico
http://it.search.yahoo.com/
https://signup.live.com/Resources/images/convergedbg_v2_pdvUOT_2pyXH5ith335y8A2.jpg
http://www.tiscali.it/favicon.ico
http://www.cdiscount.com/
http://www.news.com.au/favicon.ico
https://bestvpn.org/outdatedbrowser/el
http://ariadna.elmundo.es/
http://service2.bfast.com/
http://search.centrum.cz/favicon.ico
https://bestvpn.org/outdatedbrowser/es
https://bestvpn.org/outdatedbrowser/cs
https://bestvpn.org/outdatedbrowser/en
https://www.appsflyer.com/optout
https://acctcdn.msauth.net/image
http://www.iask.com/
http://search.orange.co.uk/favicon.ico
https://bestvpn.org/outdatedbrowser/
http://www.target.com/
http://auto.search.msn.com/response.asp?MT=
http://www.twitter.com/
http://cnweb.search.live.com/results.aspx?q=
http://busca.orange.es/
https://watchbeam.zendesk.com/hc/en-us/articles/115000922623-Rules-of-User-Conduct
http://www.ya.com/favicon.ico
https://bestvpn.org/outdatedbrowser/public/scripts/outdatedBrowser.min.css
https://bestvpn.org/outdatedbrowser/public/scripts/ie8-and-down.min.css
https://bestvpn.org/outdatedbrowser/public/imgs/id/windows-title-288x288.png
http://busca.igbusca.com.br//app/static/images/favicon.ico
http://www.reddit.com/
https://ytirtfaszx.appspot.com/
http://msk.afisha.ru/
https://github.com/MoonScript/jQuery-ajaxTransport-XDomainRequest
https://www.skype.com
http://img.shopzilla.com/shopzilla/shopzilla.ico
https://bestvpn.org/outdatedbrowser/ar
https://ytirtfaszx.appspot.com//#r/envCGCcrV6L7v9TsY9y04sllioA0vmXm-
http://in.search.yahoo.com/
https://bestvpn.org/outdatedbrowser/enLOutdated
https://unpkg.com/vue/dist/vue.min.js
http://fr.search.yahoo.com/
https://www.xbox.com/en-US/Legal/CodeOfConduct
http://aka.ms/kr4ndl
http://www.asp.net/ajaxlibrary/CDN.ashx.
https://bestvpn.org
http://www.dailymail.co.uk/
http://www.merlin.com.pl/favicon.ico
http://www.mercadolivre.com.br/
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protectio
http://sads.myspace.com/
http://fontello.comiconsRegulariconsiconsVersion
http://www.opensource.org/licenses/mit-license.php)
http://www.amazon.de/
http://search.auction.co.kr/
https://bestvpn.org/outdatedbrowser/da
http://www.google.it/
https://bestvpn.org/outdatedbrowser/public/scripts/xDomainRequest.js
http://www.ask.com/
http://www.microsofttranslator.com/BVPrev.aspx?ref=IE8Activity
https://pki.goog/repository/0
http://ocsp.pki.goog/gsr202
http://search.chol.com/favicon.ico
http://buscar.ozu.es/
https://bestvpn.org/outdatedbrowser/de
https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
http://search.msn.co.jp/results.aspx?q=
http://ocsp.pki.goog/gts1o10
http://cgi.search.biglobe.ne.jp/favicon.ico
https://cloud.typography.com/7432916/6683412/css/fonts.css
https://acctcdn.msauth.net/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
http://search.hanafos.com/favicon.ico
http://it.search.dada.net/favicon.ico
http://www.etmall.com.tw/favicon.ico
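
The domain and URL tables above show the pattern behind the phishing verdict: the submitted page sits on ytirtfaszx.appspot.com, a Google App Engine subdomain that anyone can register, while its traffic pulls the resources of Microsoft's account sign-up and sign-in pages (signup.live.com, acctcdn.msauth.net, aadcdn.msftauth.net, client.hip.live.com, secure.aadcdn.microsoftonline-p.com). The Python below is an added triage example and is not part of the Joe Sandbox report: the domain table is copied from the report, whereas the suffix lists, the categories and the verdict rule are this editor's heuristics, and reading 0.0.0.0 as "no resolution recorded" is an assumption about the report's convention. It also normalises the second appspot.com URL in the list above, whose token travels in the fragment, before it would go on a blocklist.

```python
"""Triage the network indicators of a URL sandbox report.

Added example, not code from the Joe Sandbox report. The domain table is
copied from the report; the suffix lists, the categories and the verdict rule
are heuristics chosen for this example.
"""
from urllib.parse import urlsplit, urlunsplit

SUBMITTED_URL = "https://ytirtfaszx.appspot.com/"

# Domain -> IP as listed in the report. 0.0.0.0 is treated here as
# "no resolution recorded" (assumption about the report's convention).
REPORT_DOMAINS = {
    "cloud.typography.com": "0.0.0.0",
    "img-prod-cms-rt-microsoft-com.akamaized.net": "0.0.0.0",
    "secure.aadcdn.microsoftonline-p.com": "0.0.0.0",
    "client.hip.live.com": "0.0.0.0",
    "ajax.aspnetcdn.com": "0.0.0.0",
    "acctcdn.msauth.net": "0.0.0.0",
    "statics-marketingsites-wcus-ms-com.akamaized.net": "0.0.0.0",
    "aadcdn.msftauth.net": "0.0.0.0",
    "signup.live.com": "0.0.0.0",
    "cs1100.wpc.omegacdn.net": "152.199.23.37",
    "aa-hip-prod.eastus.cloudapp.azure.com": "23.96.111.19",
    "unpkg.com": "104.16.125.175",
    "cs1227.wpc.alphacdn.net": "192.229.221.185",
    "bestvpn.org": "104.18.53.85",
    "outdatedbrowser.com": "104.27.186.182",
    "cdnjs.cloudflare.com": "104.19.197.151",
    "ytirtfaszx.appspot.com": "172.217.23.212",
}

# Hosts that serve Microsoft's account sign-up / sign-in experience.
BRAND_SIGNIN_SUFFIXES = (
    "msauth.net", "msftauth.net", "microsoftonline-p.com",
    "signup.live.com", "client.hip.live.com",
)
# Public CDNs that any site, benign or not, may load libraries from.
PUBLIC_CDN_SUFFIXES = (
    "unpkg.com", "cdnjs.cloudflare.com", "ajax.aspnetcdn.com",
    "akamaized.net", "cloud.typography.com",
)
# Platform suffixes under which anyone can register a subdomain.
PAAS_SUFFIXES = ("appspot.com",)


def host_of(url):
    return (urlsplit(url).hostname or "").lower()


def has_suffix(host, suffixes):
    return any(host == s or host.endswith("." + s) for s in suffixes)


def split_fragment(url):
    """Return (url without its fragment, fragment).

    The fragment is never sent to the server, so a blocklist keyed on the
    full string misses the same page with a different token; the token is
    returned separately as a value to pivot on.
    """
    p = urlsplit(url)
    return urlunsplit((p.scheme, p.netloc, p.path, p.query, "")), p.fragment


def categorise(host, page_host):
    if host == page_host:
        return "page"
    if has_suffix(host, BRAND_SIGNIN_SUFFIXES):
        return "brand_signin"
    if has_suffix(host, PUBLIC_CDN_SUFFIXES):
        return "public_cdn"
    return "review"


def assess(submitted_url, domains):
    page_host = host_of(submitted_url)
    cats = {h: categorise(h, page_host) for h in domains}
    brand_assets = sorted(h for h, c in cats.items() if c == "brand_signin")
    page_is_brand = has_suffix(page_host, BRAND_SIGNIN_SUFFIXES)
    page_on_paas = has_suffix(page_host, PAAS_SUFFIXES)
    return {
        "page_host": page_host,
        "page_on_paas": page_on_paas,
        "brand_assets": brand_assets,
        # Impersonation pattern: a page that is not the brand's own, hosted
        # where anyone can register, pulling the brand's sign-in assets.
        "impersonation_suspected": bool(brand_assets) and not page_is_brand and page_on_paas,
        "review": sorted(h for h, c in cats.items() if c == "review"),
    }


if __name__ == "__main__":
    for key, value in assess(SUBMITTED_URL, REPORT_DOMAINS).items():
        print(f"{key}: {value}")
    clean, token = split_fragment(
        "https://ytirtfaszx.appspot.com//#r/envCGCcrV6L7v9TsY9y04sllioA0vmXm-")
    print("blocklist entry:", clean)
    print("fragment token to pivot on:", token)
```

Block by hostname, not by the resolved address: 172.217.23.212 is Google front-end space shared by every App Engine application. The review list mixes platform-registered cloudapp.azure.com and CDN hostnames with the hosts of the outdated-browser script, so treat it as input to analyst review rather than as an automatic blocklist.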

Dropped files

Name (with File Type on the following line)
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\IC7JQLYY.htm
    HTML document, UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\mwfmdl2-v3.48[1].woff
    Web Open Font Format, TrueType, length 26140, version 0.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\mscc-0.4.1.min[1].css
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\jquery-1.11.2.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\jquery-1.10.1.min[1].js
    ASCII text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\favicon[1].ico
    MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\es6-promise.auto.min[1].js
    UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\convergedbg_small_v2_Z9GCPpM7FVE8hxRSZUez6g2[1].jpg
    JPEG image data, baseline, precision 8, 50x28, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\browsers-bg[1].png
    PNG image data, 1000 x 400, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\app[1].css
    UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\PrivacyStatement[1].htm
    HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\0d9a1b09c06e309dd25e00c30da8616bnbr1571161006[1].css
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\75-fe3700[1].css
    UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\vue.min[1].js
    ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\style[1].css
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\signup[1].htm
    HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\servicesagreement[1].htm
    HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\print-icon[1].png
    PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\override[2].css
    ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\override[1].css
    ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mscc-0.4.1.min[1].js
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mscc-0.4.1.min[1].css
    UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\icon-lang-arrow[1].png
    PNG image data, 20 x 12, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Temp\~DFC9BAB04D778989B6.TMP
    data
C:\Users\user\AppData\Local\Temp\~DF35609939B4F26782.TMP
    data
C:\Users\user\AppData\Local\Temp\~DF1F8ED40A563C02F0.TMP
    data
C:\Users\user\AppData\Local\Temp\dat2236.tmp
    Web Open Font Format, TrueType, length 27799, version 1.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\vue.min[1].js
    ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\script[1].js
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\lodash.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\latest[2].eot
    Embedded OpenType (EOT), Segoe UI Light family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\latest[1].eot
    Embedded OpenType (EOT), Segoe UI family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\jquery-1.7.2.min[1].js
    HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\lightweightsignuppackage_eIVb15_CxiZ8TIwtwbN27w2[1].js
    UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\favicon[1].ico
    MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2[1].svg
    SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\datarequestpackage_dT3VZJ_4lD5UykUFoE8W2w2[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\d6-c4d640[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\convergedbg_v2_pdvUOT_2pyXH5ith335y8A2[1].jpg
    JPEG image data, baseline, precision 8, 1920x1080, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\Print[1].png
    PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\9a0204ff157b5a99911ba689af01b386nbr1571161005[1].js
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\9BC008E6D6A30A3AB[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\37_533e293f0c8947ada653b47c00e394e2[1].png
    PNG image data, 342 x 72, 4-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\close@2x[1].png
    PNG image data, 44 x 42, 8-bit gray+alpha, interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\a7c6d3994cd78d7c4352d66cbf8d34b7[1].js
    UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\RE1Mu3b[1].png
    PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\44LV7V2H.htm
    HTML document, UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\0_a5dbd4393ff6a725c7e62b61df7e72f0[1].jpg
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\0-small_138bcee624fa04ef9b75e86211a9fe0d[1].jpg
    JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x28, frames 3
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat
    data
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\d6-c4d640[1].js
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{941B3A28-F0C1-11E9-AADB-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8CD25158-F0C1-11E9-AADB-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8CD25156-F0C1-11E9-AADB-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\D1YBPPLZ\ytirtfaszx.appspot[1].xml
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\9BC008E6D6A30A3AB[1].htm
    HTML document, ASCII text, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2[1].js
    UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\fonts[1].htm
    HTML document, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\favicon_a[1].ico
    MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\favicon[1].ico
    MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\converged_ux_v2_f6Iitro4yOzjxCr26dqd_w2[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\analytics[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\a3107e4d4ae0ea783cd1177c52f1e6301571161004[1].js
    UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\VC8F4TBI.htm
    HTML document, ASCII text, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\EUPN2EP1.htm
    HTML document, UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\9a0204ff157b5a99911ba689af01b386nbr1571161005[1].css
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\9K719AIK\bestvpn[1].xml
    ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\75-fe3700[1].css
    UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\style[1].css
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\outdatedBrowser.min[1].css
    ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\modernizr-2.6.2.min[1].js
    HTML document, ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2[2].svg
    SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2[1].svg
    SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\latest[1].eot
    Embedded OpenType (EOT), Segoe UI Semibold family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\favicon[1].ico
    MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\en[1].htm
    HTML document, UTF-8 Unicode text, with CRLF, LF line terminators