message_zdm.htm

Status: finished

Submission Time: 2020-08-12 13:24:08 +02:00

Clean

Comments

Details

Analysis ID:
262844
API (Web) ID:
422281
Analysis Started:

2020-08-12 13:27:11 +02:00
Analysis Finished:

2020-08-12 13:36:53 +02:00
MD5:
95e6b9031150ad6a1c131bc9e0a4a8cb
SHA1:
c7a03361cfa6cd75ee83871c6db3145094665e68
SHA256:
4ed7f15614586f7e5c279f59c9a23f29eafa26e2f9bf313f32e914c0346a3e68
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	clean Score: 2	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
148.72.250.194	United States
52.109.12.51	United States
172.67.83.132	United States

Domains

Name	IP	Detection
asf-ris-prod-neurope.northeurope.cloudapp.azure.com	168.63.67.155
dubosewonka.com	148.72.250.194
www.sway-cdn.com	23.39.66.13
Click to see the 6 hidden entries
sway.com	52.109.12.51
is.gd	172.67.83.132
sway.office.com	0.0.0.0
assets.onestore.ms	0.0.0.0
eus-www.sway-cdn.com	0.0.0.0
ajax.aspnetcdn.com	0.0.0.0

URLs

Name	Detection
http://fontello.com
https://office.live.com/start/Calendar.aspx?ui=en%2DUS&rs=US
https://dubosewonka.com/206/?https://www.office.com/l/AAChI-ex5t9XSZvDp41PqTT55By1LqR-kbQ/h
Click to see the 78 hidden entries
https://eus-www.sway-cdn.com/20158057306_Content/StoryPage.js
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Link:This
https://www.clicktale.net/disable.html
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protectio
https://www.xbox.com
https://support.office.com/article/Enable-JavaScript-7BB9EE74-6A9E-4DD1-BABF-B0A1BB136361
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Link&loc=play
http://hammerjs.github.io/
https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js
https://developer.yahoo.com/flurry/end-user-opt-out/
https://dubosewonka.com/206/?https://www.office.com/l/AAChI-ex5t9XSZvDp41PqTT55By1LqR-kbQ/h.Sign
https://sway.office.com/Content/wapsw.png?b=1601312710000
http://www.nytimes.com/
https://www.onenote.com/notebooks?ui=en%2DUS&rs=US
https://www.adjust.com/opt-out/
https://www.office.com?ui=en%2DUS&rs=US
https://www.aboutads.info/
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Linkm/AFzlJMuJoToJDSSM?ref=LinkRoot
https://sway.office.com/AFzlJMuJoToJDSSM?ref=LinkRoot
https://eus-www.sway-cdn.com/20158057306_Content/Preload.js
https://sway.office.com/AFzlJMuJoToJDSSM?accessible=trueookiessimilartechnologiesmoduleay.office.com
https://sway.office.co/Desktop/message_zdm.htmm/AFzlJMuJoToJDSSM?ref=LinkRoot
https://www.linkedin.com/legal/privacy-policy
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
http://www.live.com/
https://office.live.com/start/PowerPoint.aspx?ui=en%2DUS&rs=US
https://office.live.com/start/Excel.aspx?ui=en%2DUS&rs=US
http://www.wikipedia.com/
https://www.here.com/)
https://eus-www.sway-cdn.com/20158057306_Content/favicon.ico~
https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
https://office.live.com/start/Word.aspx?ui=en%2DUS&rs=US
https://office.live.com/start/OneDrive.aspx?ui=en%2DUS&rs=US
http://www.youtube.com/
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Link
http://fontello.comiconsRegulariconsiconsVersion
https://sway.office.com/AFzlJMuJoToJDSSM?accessible=truedThis
https://sway.office.com/AFzlJMuJoToJDSSM?accessible=true
http://www.amazon.com/
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Linkoft.com/en-us/privacystatement#me.com/AFzlJMuJoToJD
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Linke.com/AFzlJMuJoToJDSSM?ref=Link
https://ondemand.webtrends.com/support/optout.asp
https://www.privacyshield.gov/welcome
http://www.twitter.com/
https://sway.office.com/Content/en-US/Globe_Light.20x20x32.png?b=1601312710000
https://office.live.com/start/People.aspx?ui=en%2DUS&rs=US
https://modernizr.com/download/?-animation-canvas-cssfilters-csstransforms-flexbox-geolocation-prese
http://www.asp.net/ajaxlibrary/CDN.ashx.
https://dubosewonka.co
https://office.live.com/start/Outlook.aspx?ui=en%2DUS&rs=US
https://sway.office.com/AFzlJMuJoToJDSSM?accessible=trueookiessimilartechnologiesmodule
http://jqueryui.com
https://www.youradchoices.ca/fr
https://pickit.com/terms-privacy/
https://www.optimizely.com/legal/opt-out/
https://eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js
https://www.acuityads.com/opt-out/
https://login.skype.com/login
https://web.skype.com/?source=wac&ui=en%2DUS&rs=US
https://eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js
https://www.youronlinechoices.com/
http://www.reddit.com/
http://github.com/requirejs/almond/LICENSE
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Linkm/AFzlJMuJoToJDSSM?accessible=tre.com/AFzlJMuJoToJD
https://priv-policy.imrworldwide.com/priv/browser/us/en/optout.html
https://eus-www.sway-cdn.com/20158057306_Content/en-us/Resources.js
https://www.youradchoices.ca
https://eus-www.sway-cdn.com/20158057306_Content/favicon.ico
https://signin.kissmetrics.com/privacy/#controls
https://sway.com?ui=en%2DUS&rs=US
https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js
https://sway.office.co
https://eus-www.sway-cdn.com/20158057306_Content/Common.js
https://sway.officRoot
https://privacy.micros
https://www.appsflyer.com/optout
https://sway.office.com/AFzlJMuJoToJDSSM?ref=Linkm/206/?https://www.office.com/l/e.com/AFzlJMuJoToJD
https://eus-www.sway-cdn.com/20158057306_Content/tdb.js

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\latest[1].eot	Embedded OpenType (EOT), Segoe UI Light family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Hammer-2.0.4[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\FcigGFO357[1].png	PNG image data, 80 x 24, 8-bit/color RGBA, non-interlaced	#
Click to see the 73 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\CommonDiagnostics-Sway-1.0.0[1].js	Non-ISO extended-ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\story_cluster[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\story[1].png	PNG image data, 310 x 319, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\override[1].css	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\mscc-0.4.2.min[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\mscc-0.4.2.min[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\modernizr-3.3.1-custom[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Preload[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery-ui-1.11.4-custom[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery-2.2.4-custom-1[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\icons[1].eot	Embedded OpenType (EOT), icons family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\StoryPage[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\OfficeBrowserFeedback[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\Home[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\Common[1].css	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\AFzlJMuJoToJDSSM[1].htm	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\okta-sign-in[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Temp\~DF81BBDA4C2C25AB1A.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF45A0583593BACE1B.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF0D6BEF7B2AFDE1F0.TMP	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\traveling_dots1color_shorter_white[1].gif	GIF image data, version 89a, 439 x 8	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\tdb[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\style[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\script[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\privacystatement[1].htm	HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\print-icon[1].png	PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\whitespinner.32x32[1].gif	GIF image data, version 89a, 32 x 32	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\modernizr-3.3.1-custom[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\loginpage-theme[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery-ui-1.11.4-custom[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery-2.2.4-custom-1[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery-1.11.2.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\fs0o5cu0esFQtgFSr356[1].png	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RE1Mu3b[1].png	PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Preload[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\common_raw[1].js	C source, ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\app[1].css	ASCII text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Common[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\CommonDiagnostics-Sway-1.0.0[1].js	Non-ISO extended-ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\206[1].htm	HTML document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon[1].ico	MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5994D4E2-DCDA-11EA-90E0-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{52D4F899-DCDA-11EA-90E0-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\Hammer-2.0.4[1].js	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\swayiconb[1].woff	Web Open Font Format, TrueType, length 17748, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\swayicon[1].woff	Web Open Font Format, TrueType, length 22140, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\latest[2].eot	Embedded OpenType (EOT), Segoe UI Semibold family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\latest[1].eot	Embedded OpenType (EOT), Segoe UI family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\favicon[1].ico	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\c3-92aca2[1].css	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\botye[1].jpg	[TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\StoryPage[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\Resources[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{52D4F897-DCDA-11EA-90E0-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\GeorgiaPro-Regular[1].woff	Web Open Font Format, TrueType, length 98188, version 0.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\4d-6e4c52[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\universc[1].woff	Web Open Font Format, TrueType, length 51108, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\univers[1].woff	Web Open Font Format, TrueType, length 48376, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\swayicont[1].woff	Web Open Font Format, TrueType, length 6140, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\swayiconsl[1].woff	Web Open Font Format, TrueType, length 17928, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\swayiconsb[1].woff	Web Open Font Format, TrueType, length 23704, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\shell.min[1].css	UTF-8 Unicode text, with very long lines, with no line terminators	#

message_zdm.htm

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

message_zdm.htm Options

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Search started

message_zdm.htm