BILL_OF_LANDING_DOC00097.html

Status: finished

Submission Time: 2020-07-03 21:03:03 +02:00

Malicious

Phishing

Comments

Details

Analysis ID:
243311
API (Web) ID:
382324
Analysis Started:

2020-07-03 21:03:04 +02:00
Analysis Finished:

2020-07-03 21:08:28 +02:00
MD5:
a852885af3301fdace38400d090ddb4b
SHA1:
6ead8c087932111980580b3074cc1575d5204272
SHA256:
5e76560b1a140470af6996f16b6343cbf276e936907918c2f7c30710f2729a2b
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 72	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
198.54.120.214	United States

Domains

Name	IP	Detection
bernardconfrols.com	198.54.120.214
assets.onestore.ms	0.0.0.0
ajax.aspnetcdn.com	0.0.0.0

URLs

Name	Detection
https://bernardconfrols.com/file/files/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
http://www.wikipedia.com/
https://ec.europa.eu/consumers/odr
Click to see the 37 hidden entries
https://www.skype.com/go/legal.broadcast
https://bernardconfrols.com/file/files/converged.login.min.css
http://fontello.comiconsRegulariconsiconsVersion
https://privacy.micros
http://www.youtube.com/
https://www.skype.com/go/legal
https://www.microsoft.
https://privacy.m
https://bernardconfrols.com/file/files/convergedloginpaginatedstrings-en-gb.min.js
http://www.live.com/
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
https://www.linkedin.com/legal/privacy-policy
https://bernardconfrols.com/file/files/picker_account_aad.svg?x=9de70d1c5191d1852a0d5aac28b44a6c
http://github.com/requirejs/almond/LICENSE
http://www.reddit.com/
https://mixer.com/contact
https://www.here.com/)
http://www.amazon.com/
https://login.skype.com/login
http://www.nytimes.com/
https://bernardconfrols.com/file/files/favicon_a.ico
https://bernardconfrols.com/file/files/convergedlogin_pcore.min.js
http://fontello.com
https://bernardconfrols.com/file/files/0-small.jpg?x=12f4b8b543125cc986c79cd85320812f");
https://www.microsoft.n/Desktop/BILL_OF_LANDING_DOC00097.html
https://www.skype.com/go/emergency
https://yellowpantheglobal.com/a.php
https://www.skype.com/go/store.reactivate.credit
https://www.xbox.com
http://www.asp.net/ajaxlibrary/CDN.ashx.
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protectio
https://www.skype.com/go/emergency/
http://www.twitter.com/
https://bernardconfrols.com/file/files/0.jpg?x=f5a9a9531b8f4bcc86eabb19472d15d5");
https://bernardconfrols.com/file/files/microsoft_logo.png?x=ed9c9eb0dce17d752bedea6b5acda6d9
https://www.skype.com/go/allrates
https://www.privacyshield.gov/welcome

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\script[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\latest[3].eot	Embedded OpenType (EOT), Segoe UI family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\microsoft_logo[1].svg	SVG Scalable Vector Graphics image	#
Click to see the 49 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\mwfmdl2-v3.54[1].woff	Web Open Font Format, TrueType, length 26288, version 0.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\script[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\servicesagreement[1].htm	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\converged.login.min[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\favicon[1].ico	MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\latest[1].eot	Embedded OpenType (EOT), Segoe UI Semibold family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\mscc-0.4.2.min[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\mscc-0.4.2.min[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\picker_account_aad[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\print-icon[1].png	PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\latest[2].eot	Embedded OpenType (EOT), Segoe UI Light family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T7L7U67X\style[1].css	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\0[1].jpg	[TIFF image data, big-endian, direntries=5], baseline, precision 8, 1424x920, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\RE1Mu3b[1].png	PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\icons[1].eot	Embedded OpenType (EOT), icons family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\jquery-1.7.2.min[1].js	HTML document, UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\latest[1].eot	Embedded OpenType (EOT), Segoe UI Light family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\latest[1].woff	Web Open Font Format, TrueType, length 41280, version 0.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\override[1].css	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W2BICE6W\style[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Temp\~DF43BC70EF665C4F7F.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF9EF498E8BC2E4688.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DFC5A4F9DB1C807467.TMP	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\r1ckxmj\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{54BA36E5-BDAB-11EA-AAE6-44C1B3FB757B}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{54BA36E6-BDAB-11EA-AAE6-44C1B3FB757B}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{54BA36E3-BDAB-11EA-AAE6-44C1B3FB757B}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\0-small[1].jpg	[TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 50x28, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\4d-6e4c52[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\Print[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\app[1].css	ASCII text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\arrow_px_up[1].gif	GIF image data, version 89a, 7 x 9	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\jquery-1.11.2.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\privacystatement[1].htm	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\script[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\HNHL2TDR\shell.min[1].css	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\97-f45c3f[1].css	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\favicon[1].ico	MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KGYEP10B\latest[1].eot	Embedded OpenType (EOT), Segoe UI family	#

BILL_OF_LANDING_DOC00097.html

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

BILL_OF_LANDING_DOC00097.html Options

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Search started

BILL_OF_LANDING_DOC00097.html