
https://us17.campaign-archive.com/?u=ca192dc58b08f26519f675cd5&id=a3992a569c

Status: finished
Submission Time: 2020-07-30 15:19:34 +02:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    254148
  • API (Web) ID:
    404057
  • Analysis Started:
    2020-07-30 15:20:35 +02:00
  • Analysis Finished:
    2020-07-30 15:27:30 +02:00
  • Technologies:

Engine: Joe Sandbox
Detection: malicious
Score: 48
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection

Dropped files

Name File Type Hashes Detection