
http://covid-sharep.lapetitboutique.com/screen.php?New_tWfgGGT____soppdYTW_____opUtyDheGWWeQiWJDD___fhfhKLHJSfCxsD=christopher.watson@provident.co.uk&fCCjdhRWyryCCSXW____fjfhDFHHFhsh=SFI7SW1wLiAjOTQ5NTMgUHJvZC5wZGY=&data=02|01|Christopher.Watson@providentfinancial.com|3b39e48d625944d3d98208d81db5a7a8|1f3665faf16448a29631751be35d4b41|0|1|637292013323078349&sdata=+L6uJ8Zo17dtpJLpadiFH+6eEr2nq1S/qNfrvxeCMkI=&reserved=0

Status: finished
Submission Time: 2020-07-01 18:51:17 +02:00
Malicious
Phishing

Details

  • Analysis ID:
    242674
  • API (Web) ID:
    381057
  • Analysis Started:
    2020-07-01 18:51:17 +02:00
  • Analysis Finished:
    2020-07-01 18:56:21 +02:00
  • Technologies:
    Joe Sandbox
  • Detection:
    malicious
  • Score:
    60
  • System:
    Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP               Country             Detection
5.133.109.127    Russian Federation
199.192.26.229   United States

Domains

Name                               IP               Detection
ms-sharebox.envitiea.com           5.133.109.127
covid-sharep.lapetitboutique.com   199.192.26.229
r3.res.outlook.com                 0.0.0.0
spoprod-a.akamaihd.net             0.0.0.0

URLs


Dropped files
