
Analyzed URL: http://www.bit.ly/3iFKTZK

Status: finished
Submission Time: 2020-09-16 10:59:02 +02:00
Verdict: Malicious
Classification: Phishing
Threat name: Phisher

Details

  • Analysis ID:
    286242
  • API (Web) ID:
    467649
  • Analysis Started:
    2020-09-16 10:59:02 +02:00
  • Analysis Finished:
    2020-09-16 11:02:50 +02:00
  • Technologies:
    Joe Sandbox

Engine Detection Info

  Engine:    Joe Sandbox
  Detection: malicious
  Score:     68
  System:    Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Note: the system description above is a 2023-era image and does not match the 2020 analysis date shown in Details; the dropped-file paths further down (INetCache\IE, Internet Explorer\Recovery, Internet Explorer\Tiles) show that this session was driven through Internet Explorer.

Third Party Analysis Engines: malicious (the engine is not named in this extract)

IPs

  IP              Country
  169.60.179.238  United States
  67.199.248.11   United States
  188.127.225.2   Russian Federation

Domains

  Name               IP
  s305936.smrtp.ru   188.127.225.2
  bit.ly             67.199.248.11
  maptechinfo.com    169.60.179.238
  www.bit.ly         0.0.0.0
  code.jquery.com    0.0.0.0

An IP of 0.0.0.0 means no resolved address was recorded for that name during the run; the two names were requested (see the URL list) but no resolution is attached to them in this report.

URLs

Short link that was submitted for analysis (bit.ly, 67.199.248.11):
  http://www.bit.ly/3iFKTZK
  http://bit.ly/3iFKTZK

Script under a WordPress plugin directory on maptechinfo.com (169.60.179.238):
  http://maptechinfo.com/wordpress/wp-content/plugins/wp-file-manager/lib/files/MQ8743nf.php?65we4f65qf4efe6w4f6wef21fw564
  http://maptechinfo.com/wordpress/wp-content/plugins/wp-file-manager/lib/files/MQ8743nf.php?65we4f65q

Phishing page and its assets on s305936.smrtp.ru (188.127.225.2), all under one directory named by a 52-character token:
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/Root
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/u/UB4x3eYjULL0iEmRGrJ3F
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/?verify=LE1U
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/?verify=LE1UDI8VLE1U-LFJ3-LE1ULFJ3LFJ3-RZIHLFJ3&sessionUser=b80298629b6a2b486a149faabb4e6f46&userLogin=98f13708210194c475687be6106a3b84
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/css/style.css
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/css/transition.css
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/scripts/script.js
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/scripts/jquery.mask.min.js
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/images/logo.png
  http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/favicon.ico
  http://s305936.smrtp.ru/favicon.ico

Third-party library loaded by the page:
  https://code.jquery.com/jquery-3.4.1.min.js

Browser background traffic (Internet Explorer's default popular-site entries; not part of the phishing chain):
  http://www.wikipedia.com/
  http://www.twitter.com/
  http://www.reddit.com/
  http://www.live.com/
  http://www.amazon.com/
  http://www.youtube.com/
  http://www.nytimes.com/

The second App26a1227 request carries, besides the longer verify value, sessionUser and userLogin parameters whose values are 32-character lowercase hex strings (MD5 length). The kit-directory token, the App26a1227 path and those parameter names are the most specific indicators in this list; the bit.ly link and the jQuery CDN are shared infrastructure and should not be blocked on their own.
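The helper below is an added example, not part of the Joe Sandbox report or of Joe Sandbox's own tooling. It takes the URL table above (copied verbatim into REPORT_URLS), drops the hosts the browser contacts on its own, defangs what remains, recovers the directory each host serves the kit from, and lists query parameters whose values are 32-character hex tokens. The noise-host set and the hxxp/[.] defang notation are this example's assumptions.

```python
"""Triage the URL table of this report: added example, not Joe Sandbox code."""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Copied from the report's URL table (24 entries).
REPORT_URLS = [
    "http://www.wikipedia.com/",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/?verify=LE1U",
    "http://www.twitter.com/",
    "http://www.reddit.com/",
    "https://code.jquery.com/jquery-3.4.1.min.js",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/css/transition.css",
    "http://maptechinfo.com/wordpress/wp-content/plugins/wp-file-manager/lib/files/MQ8743nf.php?65we4f65qf4efe6w4f6wef21fw564",
    "http://s305936.smrtp.ru/favicon.ico",
    "http://www.live.com/",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/scripts/script.js",
    "http://www.bit.ly/3iFKTZK",
    "http://www.amazon.com/",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/Root",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/scripts/jquery.mask.min.js",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/?verify=LE1UDI8VLE1U-LFJ3-LE1ULFJ3LFJ3-RZIHLFJ3&sessionUser=b80298629b6a2b486a149faabb4e6f46&userLogin=98f13708210194c475687be6106a3b84",
    "http://www.youtube.com/",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/favicon.ico",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/",
    "http://maptechinfo.com/wordpress/wp-content/plugins/wp-file-manager/lib/files/MQ8743nf.php?65we4f65q",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/css/style.css",
    "http://bit.ly/3iFKTZK",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/App26a1227/images/logo.png",
    "http://s305936.smrtp.ru/UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ/u/UB4x3eYjULL0iEmRGrJ3F",
    "http://www.nytimes.com/",
]

# Assumption of this example: hosts Internet Explorer contacts on its own in the
# sandbox image (popular-site tiles) plus the public jQuery CDN; excluded from triage.
NOISE_HOSTS = {
    "www.wikipedia.com", "www.twitter.com", "www.reddit.com", "www.live.com",
    "www.amazon.com", "www.youtube.com", "www.nytimes.com", "code.jquery.com",
}

HEX32 = re.compile(r"[0-9a-f]{32}")  # MD5-length lowercase hex token


def defang(url):
    """Make a URL safe to paste into a ticket: http -> hxxp, host dots -> [.]"""
    p = urlsplit(url)
    out = p.scheme.replace("http", "hxxp") + "://" + p.netloc.replace(".", "[.]") + p.path
    return out + ("?" + p.query if p.query else "")


def group_by_host(urls, noise=NOISE_HOSTS):
    """host -> list of URLs, with the browser's own background hosts dropped."""
    groups = defaultdict(list)
    for u in urls:
        host = urlsplit(u).hostname
        if host not in noise:
            groups[host].append(u)
    return dict(groups)


def kit_root(urls):
    """Longest common directory prefix of the URL paths on one host.
    Requests for files directly under the web root (favicon.ico, a short-link
    token) say nothing about the kit layout and are skipped; '' means no
    shared directory was found."""
    dirs = []
    for u in urls:
        d = urlsplit(u).path.rsplit("/", 1)[0]  # strip the final file name
        if d:
            dirs.append(d.split("/"))
    prefix = []
    for segs in zip(*dirs):  # stops at the shortest path
        if len(set(segs)) != 1:
            break
        prefix.append(segs[0])
    return "/".join(prefix)


def token_params(urls):
    """Query parameter names whose every value is a 32-char hex string."""
    values = defaultdict(set)
    for u in urls:
        for name, vals in parse_qs(urlsplit(u).query, keep_blank_values=True).items():
            values[name].update(vals)
    return sorted(n for n, vs in values.items() if all(HEX32.fullmatch(v) for v in vs))


def triage(urls=REPORT_URLS):
    """Per host: defanged URLs, shared kit directory, and hex-token parameters."""
    return {
        host: {
            "urls": [defang(u) for u in sorted(hs)],
            "root": kit_root(hs),
            "token_params": token_params(hs),
        }
        for host, hs in sorted(group_by_host(urls).items())
    }


if __name__ == "__main__":
    for host, info in triage().items():
        print(host, info["root"] or "(web root only)", info["token_params"])
        for u in info["urls"]:
            print("   ", u)
```

Run as written, the script keeps four hosts (bit.ly, www.bit.ly, maptechinfo.com, s305936.smrtp.ru), reports the 52-character token directory as the shared root on s305936.smrtp.ru and the wp-file-manager lib/files directory on maptechinfo.com, and flags sessionUser and userLogin as the only hex-token parameters; the maptechinfo.com query strings have no value at all and so are not flagged.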

Dropped files

Name and file type for each entry; the report's hash and detection columns are empty in this extract, so there are no file hashes to pivot on.

Internet Explorer cache (content fetched during the browsing session):
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\UB4x3eYjULL0iEmRGrJ3FCFWpk9erBJCCE06iOf3aqs8wWQ2DawJ[1].htm
    ASCII text, with no line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\App26a1227[1].htm
    HTML document, ASCII text
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\3iFKTZK[1].htm
    HTML document, ASCII text, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\3iFKTZK[1].htm
    HTML document, ASCII text
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\script[1].js
    ASCII text
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery.mask.min[1].js
    ASCII text, with very long lines
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-3.4.1.min[1].js
    ASCII text, with very long lines
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\transition[1].css
    ASCII text
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\style[1].css
    ASCII text
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\css[1].css
    ASCII text
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrc[1].woff
    Web Open Font Format, TrueType, length 24372, version 1.1
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrc[1].woff
    Web Open Font Format, TrueType, length 25220, version 1.1
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrc[1].woff
    Web Open Font Format, TrueType, length 24900, version 1.1
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrc[1].woff
    Web Open Font Format, TrueType, length 24824, version 1.1
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\logo[1].png
    PNG image data, 306 x 63, 8-bit/color RGBA, non-interlaced

Internet Explorer temporary files:
  • C:\Users\user\AppData\Local\Temp\~DFD19F91636F992317.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DF90E51E5456C83BCB.TMP
    data
  • C:\Users\user\AppData\Local\Temp\~DF5F256E407BA6257E.TMP
    data

Internet Explorer session-recovery store (OLE compound files, which the file-type sniffer labels as Word documents; they are browser state, not documents dropped by the page):
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6B9A4BA2-F846-11EA-90E2-ECF4BB862DED}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6B9A4BA5-F846-11EA-90E2-ECF4BB862DED}.dat
    Microsoft Word Document
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6B9A4BA4-F846-11EA-90E2-ECF4BB862DED}.dat
    Microsoft Word Document

Internet Explorer pinned-site tile manifests (all of type "XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators"; they belong to the browser's default popular-site entries listed under URLs):
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
  • C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml