
https://covid-sharep.healtharticlesbox.com/screen.php?New_tWfgGGT____soppdYTW_____opUtyDheGWWeQiWJDD___fhfhKLHJSfCxsD=louise.espalieu@sgs.com&fCCjdhRWyryCCSXW____fjfhDFHHFhsh=SFI7SW1wLiAjOTQ5NTMgUHJvZC5wZGY=

Status: finished
Submission Time: 2020-07-01 01:17:27 +02:00
Detection: Suspicious
Classification: Phishing

Details

  • Analysis ID:
    242453
  • API (Web) ID:
    380625
  • Analysis Started:
    2020-07-01 01:17:28 +02:00
  • Analysis Finished:
    2020-07-01 01:21:48 +02:00
  • Technologies:
    Joe Sandbox

Engine result
  • Engine: Joe Sandbox
  • Detection: suspicious
  • Score: 22
  • System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP               Country              Detection
5.133.109.127    Russian Federation   -
199.192.26.229   United States        -

Domains

Name                                 IP               Detection
covid-sharep.healtharticlesbox.com   199.192.26.229   -
ms-sharebox.envitiea.com             5.133.109.127    -
r3.res.outlook.com                   0.0.0.0          -
spoprod-a.akamaihd.net               0.0.0.0          -

URLs

Name Detection
http://www.nytimes.com/
https://ms-sharebox.envitiea.com/xero/img/favicon.ico~
http://www.youtube.com/
http://www.wikipedia.com/
http://www.amazon.com/
https://files.covid19.ca.gov/pdf/guidance-office-workspaces.pdf
https://ms-sharebox.enealtharticlesbox.com/screen.php?New_tWfgGGT____soppdYTW_____opUtyDheGWWeQiWJDD
http://www.live.com/
https://covid-sharep.healtharticlesbox.com/screen.php?New_tWfgGGT____soppdYTW_____opUtyDheGWWeQiWJDD
http://www.reddit.com/
http://www.twitter.com/
https://ms-sharebox.envitiea.com/xero/img/favicon.ico
https://r3.res.outlook.com/o365/versionless/shellg2coremincss_592985a3.css
https://ms-sharebox.envitiea.com/xero/0_index.php?recv=louise.espalieu
https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-04-13_20180427.001/odsp-media/images/newfea
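The landing URL submitted to the sandbox carries the target's e-mail address in one query parameter and a base64 string in another, and the follow-on page `0_index.php` receives the same victim identity through its `recv` parameter. The script below is an added example, not part of the Joe Sandbox report and not code from the kit: it parses the two URLs as they appear above, pulls out the recipient address, decodes any strictly base64-encoded parameter value (the decoded text is whatever the URL actually contains; the code makes no claim about what the kit does with it), checks that the second-stage `recv` value is the local part of the recipient from the landing URL, and lists the hosts serving `.php` endpoints. The `.php` filter is an assumed heuristic for separating the kit's own pages from the static assets and background traffic also present in the URL list; the function names are mine. It uses only the Python standard library.

```python
"""Added triage helper for the phishing kit URLs listed in this report (example code, not part of the report)."""
import base64
import binascii
import re
from urllib.parse import urlsplit, unquote

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Landing URL as submitted to the sandbox (taken from the report).
LANDING_URL = (
    "https://covid-sharep.healtharticlesbox.com/screen.php?"
    "New_tWfgGGT____soppdYTW_____opUtyDheGWWeQiWJDD___fhfhKLHJSfCxsD="
    "louise.espalieu@sgs.com"
    "&fCCjdhRWyryCCSXW____fjfhDFHHFhsh=SFI7SW1wLiAjOTQ5NTMgUHJvZC5wZGY="
)

# Follow-on URL the page fetched afterwards (taken from the report's URL list).
STAGE2_URL = "https://ms-sharebox.envitiea.com/xero/0_index.php?recv=louise.espalieu"


def parse_query(url):
    """Split a query string into (key, value) pairs, percent-decoding but keeping '+' literal.

    urllib's parse_qsl() would turn '+' into a space, which corrupts base64 payloads.
    """
    query = urlsplit(url).query
    pairs = []
    for item in query.split("&"):
        if not item:
            continue
        key, _, value = item.partition("=")
        pairs.append((unquote(key), unquote(value)))
    return pairs


def try_b64(value):
    """Return the decoded text if value is strict base64 of printable ASCII, else None."""
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return None
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text if text and text.isprintable() else None


def triage(url):
    """Extract recipient e-mail addresses and base64-decodable parameter values from a kit URL."""
    parts = urlsplit(url)
    found = {"host": parts.hostname, "path": parts.path, "recipients": [], "decoded": {}}
    for key, value in parse_query(url):
        if EMAIL_RE.match(value):
            found["recipients"].append(value)
            continue
        decoded = try_b64(value)
        if decoded is not None:
            found["decoded"][key] = decoded
    return found


def link_stages(landing_url, stage2_url):
    """True if the second-stage 'recv' value is the local part of a recipient address
    seen in the landing URL, i.e. the victim identity was handed from one kit page to
    the next. 'recv' is the parameter name visible in the report's URL list."""
    local_parts = {addr.split("@", 1)[0].lower() for addr in triage(landing_url)["recipients"]}
    recv_values = {v.lower() for k, v in parse_query(stage2_url) if k == "recv"}
    return bool(local_parts & recv_values)


def kit_hosts(urls):
    """Hosts serving PHP endpoints in a URL list (assumed heuristic for the kit's own
    pages, as opposed to the images, fonts and CDN assets the page also loaded)."""
    return sorted({urlsplit(u).hostname for u in urls if urlsplit(u).path.endswith(".php")})


if __name__ == "__main__":
    info = triage(LANDING_URL)
    print("landing host :", info["host"])
    print("recipients   :", info["recipients"])
    for key, text in info["decoded"].items():
        print("decoded param", key[:12] + "...:", repr(text))
    print("stage-2 recv matches recipient:", link_stages(LANDING_URL, STAGE2_URL))
    print("kit hosts:", kit_hosts([LANDING_URL, STAGE2_URL]))
```

Run it as-is to see the recipient, the decoded second parameter (a document-style file name, which is why the page reads as a document-share lure), and the two kit hosts; pass other URLs from a report to `triage()` to apply the same checks. Because `try_b64` uses strict validation and requires printable ASCII, random-looking keys and ordinary asset paths are not misreported as encoded payloads.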

Dropped files

Name (file type on the following line; hashes and detections are not included in this listing)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\jquery-1.11.3.min[1].js
    ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\odrive_logo[1].png
    PNG image data, 57 x 67, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\out[1].png
    PNG image data, 2000 x 2019, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\tm[1].png
    PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\0_index[1].htm
    HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\curatedfolders[1].gif
    GIF image data, version 89a, 245 x 147
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\logo[1].png
    PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\photosview[1].gif
    GIF image data, version 89a, 245 x 147
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\style2[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\style[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\folder[1].svg
    SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\css[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\main[1].js
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\succ[1].png
    PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\word[1].png
    PNG image data, 552 x 524, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Temp\dat693A.tmp
    Web Open Font Format (Version 2), TrueType, length 35784, version 0.0
C:\Users\user\AppData\Local\Temp\dat6A74.tmp
    Web Open Font Format (Version 2), TrueType, length 27284, version 0.0
C:\Users\user\AppData\Local\Temp\dat6A94.tmp
    Web Open Font Format (Version 2), TrueType, length 26428, version 0.0
C:\Users\user\AppData\Local\Temp\~DF4ED9674443DEF3BC.TMP
    data
C:\Users\user\AppData\Local\Temp\~DF8823CC890CD03A39.TMP
    data
C:\Users\user\AppData\Local\Temp\~DFB53FDB74B894912B.TMP
    data
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5B90CD51-BB73-11EA-AADE-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{62272A4D-BB73-11EA-AADE-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
    XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5B90CD4F-BB73-11EA-AADE-C25F135D3C65}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat
    data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\0_index[1].htm
    HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\25[1].gif
    GIF image data, version 89a, 99 x 99
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\KFOlCnqEu92Fr1MmSU5fBBc-[1].woff
    Web Open Font Format, TrueType, length 20348, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\favicon[1].ico
    MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\info[1].png
    PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\officelens[1].gif
    GIF image data, version 89a, 245 x 147
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\screen[1].htm
    HTML document, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\close[1].png
    PNG image data, 332 x 333, 8-bit colormap, non-interlaced

Note: the three files under Internet Explorer\Recovery\High\Active\ are the browser's tab-recovery stores, which are OLE2 compound files; the file-type scanner labels such containers "Microsoft Word Document", so these entries do not indicate that a Word document was downloaded. The only content fetched from the kit is the two cached copies of 0_index[1].htm, screen[1].htm and the accompanying images, stylesheets, scripts and fonts listed above.