Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

http://amazoncoms.temp.swtest.ru/ap/amazon/

Status: finished
Submission Time: 2020-07-30 11:48:34 +02:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    253957
  • API (Web) ID:
    403471
  • Analysis Started:
    2020-07-30 11:52:09 +02:00
  • Analysis Finished:
    2020-07-30 11:58:47 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 52
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
216.58.207.65
 United States
77.222.61.114
 Russian Federation

Domains

Name IP Detection
asf-ris-prod-neurope.northeurope.cloudapp.azure.com
 168.63.67.155
amazoncoms.temp.swtest.ru
 77.222.61.114
blogspot.l.googleusercontent.com
 216.58.207.65
Click to see the 2 hidden entries
g.msn.com
 0.0.0.0
amazon-scama.blogspot.com
 0.0.0.0

URLs

Name Detection
http://amazoncoms.temp.swtest.ru/ap/amazon/style/style3.css
http://amazoncoms.temp.swtest.ru/ap/amazon/style/style2.css
http://amazoncoms.temp
Click to see the 34 hidden entries
http://amazoncoms.temp.swtest.ru/ap/amazon/
http://amazoncoms.temp.swtest.ru/help
http://www.youtube.com/
http://www.wikipedia.com/
https://amazon-scama.blogspot.com/favicon.ico
https://m.media-amazon.com/images/G/01/amazonui/loading/loading-4x-gray._V1_.gif)
http://www.live.com/
https://m.media-amazon.com/images/G/01/amazonui/loading/spinner_4x._V1_.gif)
http://amazoncoms.temp.swtest.ru/ap/amazon/js/jquery.min.js
http://www.reddit.com/
https://amazon-scama.blogspot.com/feeds/posts/default
https://m.media-amazon.com/images/G/01/amazonui/loading/spinner_1x._V1_.gif)
https://www.blogblog.com/indie/mspin_black_large.svg)
http://amazoncoms.temp.swtest.ru/ap/amazon/js/jquery.validate.min.js
http://amazon-scama.blogspot.com/
http://amazoncoms.temp.swtest.ru/helpazon/
http://www.amazon.com/
http://amazoncoms.temp.swtest.ru/ap/amazon/styel/style1.css
https://amazon-scama.blogspot.com/feeds/posts/default?alt=rss
http://www.nytimes.com/
http://amazoncoms.temp.swtest.ru/ap/amazon/Root
https://www.blogger.com/feeds/3688778480902325360/posts/default
http://amazoncoms.temp.swtest.ru/ap/amazon/style/img/icon.png
https://m.media-amazon.com/images/G/01/amazonui/loading/loading-2x-gray._V1_.gif)
https://m.media-amazon.com/images/G/01/amazonui/loading/spinner_2x._V1_.gif)
https://amazon-scama.blogspot.com)
http://amazoncoms.temp.swtest.ru/ap/amazon/js/sire.form.js
https://www.blogger.com/profile/10656310694057125592
https://m.media-amazon.com/images/G/01/AUIClients/AmazonUICarousel-arrows-c495a9b59afd9b35a08c12513d
http://www.twitter.com/
https://www.blogblog.com/indie/mspin_white_large.svg)
http://amazoncoms.temp.swtest.ru/ap/amazon/style/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.png
http://amazoncoms.temp.swtest.ru/ap/amazonRoot
http://amazoncoms.temp.swtest.ru/ap/amazon/x

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\amazon[1].htm
 HTML document, UTF-8 Unicode (with BOM) text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Temp\~DFED2A728E2CBF1AB2.TMP
 data
 #
Click to see the 23 hidden entries
C:\Users\user\AppData\Local\Temp\~DF32848DB003CFBD6D.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF189B30DC33437E59.TMP
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\jquery.validate.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\jquery.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\sire.form[1].js
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\icon[1].png
 PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\MH00DGUK.htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_[1].png
 PNG image data, 400 x 670, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\style3[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\style2[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E3258B60-D295-11EA-90E0-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EAE52EA2-D295-11EA-90E0-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E3258B62-D295-11EA-90E0-ECF4BB2D2496}.dat
 Microsoft Word Document
 #