w46LaprMSv.js

Status: finished

Submission Time: 2020-01-15 01:21:21 +01:00

Malicious

Comments

Details

Analysis ID:
201049
API (Web) ID:
299888
Analysis Started:

2020-01-15 01:21:21 +01:00
Analysis Finished:

2020-01-15 01:37:25 +01:00
MD5:
144ec9302cade06df84ce371552d7fc6
SHA1:
289b4ebf053deab8b651f1a779d45bfe555a13c2
SHA256:
0a5c823a7f59ab4ebd36583b1387e2b38c500806d33db4ec92161978307e7197
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 48	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 12/59

IPs

IP	Country	Detection
104.18.44.233	United States
136.243.75.30	Germany
18.233.3.105	United States
Click to see the 7 hidden entries
185.60.216.35	Ireland
216.58.201.66	United States
74.125.140.156	United States
216.58.201.67	United States
54.215.215.166	United States
185.60.216.19	Ireland
172.217.23.194	United States

Domains

Name	IP	Detection
star-mini.c10r.facebook.com	185.60.216.35
pagead46.l.doubleclick.net	172.217.23.194
px-eu.adhigh.net	136.243.75.30
Click to see the 13 hidden entries
scontent.xx.fbcdn.net	185.60.216.19
www.cigarhumidors-online.com	104.18.44.233
www.onlinechatcenters.com	54.215.215.166
stats.l.doubleclick.net	74.125.140.156
pagead.l.doubleclick.net	216.58.201.66
www.google.co.uk	216.58.201.67
nht-2.extreme-dm.com	18.233.3.105
px.adhigh.net	0.0.0.0
www.facebook.com	0.0.0.0
googleads.g.doubleclick.net	0.0.0.0
s7.addthis.com	0.0.0.0
connect.facebook.net	0.0.0.0
stats.g.doubleclick.net	0.0.0.0

URLs

Name	Detection
http://nht-2.extreme-dm.com/n2.g?login=1stcigar&url=file%3A//C%3A%5CUsers%5CCraig%20Holland%5CDesktop%5Cw46LaprMSv.js&jv=true&d=1280x1024&c=32&l=
http://www.amazon.com/
http://www.onlinechatcenters.com/visitor/?SESSID=&action=state&state_id_manager=30530&state_departments=71506&state_operators=&8496040&init=1&mouse_x=-4&mouse_y=0&cookie=_ga%3DGA1.1.1502396259.1579080160%3B%20_gid%3DGA1.1.874660275.1579080160&data=0%3Cv%3E%3Ci%3Einput%3Cv%3ESearch...%3Ci%3Einput%3Cv%3E%3Ci%3Einput%3Cv%3E%3Ci%3Einput%3Cv%3E73319%3Ci%3Einput%3Cv%3E%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Eradio%3Cv%3Efalse%3Ci%3Einput%3Cv%3E%3Ci%3Einput%3Cv%3E%3Ci%3Einput%3Cv%3E%3Ci%3Etextarea%3Cv%3E%3Ci%3Einput%3Cv%3E117.50.19.93%3Ci%3Einput%3Cv%3E%3Ci%3Einput%3Cv%3E%3Ci%3Einput%3Cv%3E%3Ci%3Etextarea%3Cv%3E%3Ci%3Einput%3Cv%3Ehttps%253A%252F%252Fwww.cigarhumidors-online.com%253A443%252Fdiscount-cigars%252Fodyssey-connecticut-corona.html%3Ci%3Einput%3Cv%3EConnecticut%2520Corona%3Ci%3Einput%3Cv%3EODCCO%3Ci%3Einput%3Cv%3E0%3Ci%3Einput%3Cv%3E%3Ci%3Einput%3Cv%3E%255B%2520Enter%2520Email%2520%255D%3Ci%3E
Click to see the 97 hidden entries
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/images/more-info.png
https://platform.twitter.com/widgets.js
https://www.cigarhumidors-online.com/ostrich-black-humidor-case.html
https://www.google.%/ads/ga-audiences?
https://www.cigarhumidors-online.com/foldingleathercigarcase.html
https://www.cigarhumidors-online.com/cigar-humidors/commercial-humidors.html
http://opensource.org/licenses/osl-3.0.php
https://www.cigarhumidors-online.com/cigar-accessories/cigarette-rolling-machine.html
https://www.cigarhumidors-online.com/discount-cigars/cigar-brand.html?brand=5973_Odyssey
http://www.twitter.com/
https://www.cigarhumidors-online.com/media/wysiwyg/free-shipping.jpg
https://www.cigarhumidors-online.com/js/multipledeals/swfobject.js
http://www..cigarhumidors-online.com/header_cart.php
https://www.cigarhumidors-online.com/cigar-accessories/cigar-cutters.html
http://www.businessdecision.com)
https://www.cigarhumidors-online.com/cigar-humidors/discount-humidors/the-salvatore-great-humidor.ht
https://www.cigarhumidors-online.com/cigar-accessories/humidifier-solution.html
https://www.cigarhumidors-online.com/media/catalog/product/cache/1/image/9df78eab33525d08d6e5fb8d271
https://www.cigarhumidors-online.com/gift-cards.html/
https://www.cigarhumidors-online.com/js/calendar/calendar-win2k-1.css
https://www.cigarhumidors-online.com/cheap-cigars-humidors-support/calibrating-a-hygrometer.html
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/theme/footer_title_bg.png
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/images/j2t/ajax-loader.gif
https://www.cigarhumidors-online.com:443/discount-cigars/odyssey-connecticut-corona.html%
https://www.cigarhumidors-online.com/customer/account/login
https://www.cigarhumidors-online.com/js/varien/configurable.js
http://www.live.com/
http://www.wikipedia.com/
https://www.cigarhumidors-online.com/cigar-accessories/acrylic-jar-cigar-minder.html
https://www.cigarhumidors-online.com/cigar-humidors/small-humidors.html
https://www.cigarhumidors-online.com/media/wysiwyg/banner2.jpg
https://www.cigarhumidors-online.com/catalogsearch/result/
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/favicon.ico
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/css/styles-ie.css
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/theme/slider_img.png
https://www.cigarhumidors-online.com/cheap-cigars-humidors-support/tobacco-beetles-treatment.html
https://www.cigarhumidors-online.com/media/wysiwyg/banner_1.jpg
https://www.cigarhumidors-online.com/media/wysiwyg/1stclasshumidors-why-buy10.gif
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/advancedmedia/js/cloud-zoom.1.0.
https://www.cigarhumidors-online.com/media/catalog/product/cache/1/image/250x250/9df78eab33525d08d6e
https://www.cigarhumidors-online.com/cigar-humidors/military-humidors.html
http://www.nytimes.com/
https://www.cigarhumidors-online.com/skin/frontend/default/default/css/j2t/ajax_cart.css
https://www.cigarhumidors-online.com/kensington-gift-set-cigar-humidor.html
http://opensource.org/licenses/afl-3.0.php
https://www.cigarhumidors-online.com/review/product/post/id/73319/
https://www.cigarhumidors-online.com/the-salvatore-great-humidor.html
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/theme/youtube-icon.gif
http://192.168.1.100/Keithold/skin/frontend/default/humidors/theme/cart.png
https://www.cigarhumidors-online.com/cheap-cigars-humidors-support/support_setup.html
https://www.cigarhumidors-online.com/wmobiletracking/tracking/view/l
https://www.cigarhumidors-online.com/wood-crystal-ashtray.html
http://theezpzway.com;
https://www.cigarhumidors-online.com/cigar-accessories/smoking-accessories.html
https://www.cigarhumidors-online.com:443/discount-cigars/odyssey-connecticut-corona.html
http://www.reddit.com/
http://www.onlinechatcenters.com/code-30530-71506.js
https://stats.g.doubleclick.net/j/collect
https://www.cigarhumidors-online.com/customer/account/loginPost/
https://www.cigarhumidors-online.com/cheap-cigars-humidors-support/support_returns.html
http://216.227.208.192/header_cart.php
https://www.cigarhumidors-online.com/skin/frontend/default/default/js/j2t/ajax_cart.js
http://www.professorcloud.com
https://www.cigarhumidors-online.com/min/?f=skin/frontend/default/humidors/css/styles.css
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/theme/search_button.png
https://www.cigarors-online.com/awmobiletracking/tracking/view/Root
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
https://www.cigarhumidors-online.com/discount-cigars/cigars-online.html
https://www.cigarhumidors-online.com/cheap-cigars-humidors-support/domestic-shipping.html
https://www.cigarhumidors-online.com/js/varien/product.js
http://w.sharethis.com/button/buttons.js
https://www.cigarhumidors-online.com/webtexgiftregistry/index/editRegistry/
https://stats.g.doubleclick.net/j/collect?
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/css/responsive.css
http://www.discount-cigars-humidors.com/header_cart.php
https://www.cigarhumidors-online.com/js/calendar/calendar.js
https://www.cigarhumidors-online.com/skin/frontend/base/default/js/ie6.js
https://www.cigarhumidors-online.com/hampton-blue-humidor.html
https://www.googletraveladservices.com/travel/flights/clk
https://www.cigarhumidors-online.com/cheap-cigars-humidors-support/support.html
http://www.onlinechatcenters.com/visitor/?SESSID=&id=30530&ds=71506&os=&page=file%3A%2F%2F%2FC%3A%2FUsers%2FCraig%2520Holland%2FDesktop%2Fw46LaprMSv.js&ref=&8856234
https://www.cigarhumidors-online.com/skin/frontend/default/default/mw_freegift/js/jquery.ezpz_toolti
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/images/basket-icon.png
https://www.cigarhumidors-online.com/wishlist/index/add/product/73319/
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/theme/feature-icon-twitter.png
https://www.cigarhumidors-online.com/skin/adminhtml/default/default/images/ajax-loader-tr.gif
http://fancyapps.com/fancybox/
https://www.cigarhumidors-online.com/cigar-humidors/travel-humidors.html
https://www.cigarhumidors-online.com/baldwin-humidor-divider-system.html
http://www.gnu.org/licenses/lgpl.html
https://www.cigarhumidors-online.com/skin/frontend/default/humidors/theme/logo.png
https://www.cigarhumidors-online.com/cigar-humidors/medium-humidors.html
https://www.cigarhumidors-online.com/media/wysiwyg/daily-deals_3.jpg
https://www.cigarhumidors-online.com/js/lib/jquery-1.8.0.min.js
https://www.cigarhumidors-online.com/js/scriptaculous/scriptaculous.js
https://www.cigarhumidors-online.com/cigar-reviews-ratings/cigar-information-news.html
https://www.cigarhumidors-online.com/cigar-humidors/glass-top-humidors.html

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\cb=gapi[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\donatoramedium-italic-webfont[1].eot	Embedded OpenType (EOT), DonatoraMedium family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\fbevents[1].js	ASCII text, with very long lines	#
Click to see the 59 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\imageoption[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\login[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\tooltip[1].js	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\top_right_bg[1].png	PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\youtube-icon[1].gif	GIF image data, version 89a, 40 x 41	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KRHE4CQY\analytics[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KRHE4CQY\header_bg[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 1010x138, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KRHE4CQY\imageoption[1].css	ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KRHE4CQY\left_box-middle[1].png	PNG image data, 174 x 44, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KRHE4CQY\tinybox[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KRHE4CQY\tr[1].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\LO7MNFF5.htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\body_bkg[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x756, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\custom[1].css	assembler source, ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\desktopStyles[1].css	ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\donatoramedium-italic-webfont[1].eot	Embedded OpenType (EOT), DonatoraMedium family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\effects[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\fbevents[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\free_shipping_banner[1].png	PNG image data, 167 x 80, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\min[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\search_box_bg[1].png	PNG image data, 171 x 24, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\search_button[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\status-30530-71506[1].png	PNG image data, 167 x 80, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\tab_li_h[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 406x34, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QESP4GEJ\view[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Temp\~DF4150AF9B85D116CE.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DFA080697BB624F209.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DFFD1BEDD4626BE594.TMP	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\fbevents[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8CE49EF6-3778-11EA-AAE0-9CC1A2A860C6}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{96EB7D78-3778-11EA-AAE0-9CC1A2A860C6}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\typalil\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\addthis_widget[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\calendar-win2k-1[1].css	ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\code-30530-71506[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8CE49EF4-3778-11EA-AAE0-9CC1A2A860C6}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\login[1].htm	HTML document, ASCII text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\logo[1].png	PNG image data, 295 x 104, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\min[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\min[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\p[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\platform[1].js	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\robot[1].png	PNG image data, 171 x 213, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\slider_img[1].png	PNG image data, 350 x 247, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\tab_box_bg[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 817x50, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G7QTC28F\tr[1].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\agaramondpro-bold-webfont[1].eot	Embedded OpenType (EOT), Adobe Garamond Pro family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\agaramondpro-regular-webfont[1].eot	Embedded OpenType (EOT), Adobe Garamond Pro family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\agaramondpro-regular-webfont[2].eot	Embedded OpenType (EOT), Adobe Garamond Pro family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\I9HE86MU\code-30530-71506[1].js	ASCII text, with very long lines	#

w46LaprMSv.js

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

w46LaprMSv.js Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

w46LaprMSv.js