Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php

Status: finished
Submission Time: 2020-09-23 23:35:50 +02:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    289327
  • API (Web) ID:
    473763
  • Analysis Started:
    2020-09-23 23:35:50 +02:00
  • Analysis Finished:
    2020-09-23 23:39:46 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 92
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report
malicious
Score: 10/80
malicious
malicious

IPs

IP Country Detection
173.82.115.103
 United States
151.101.12.193
 United States
152.199.23.37
 United States
Click to see the 2 hidden entries
151.139.128.8
 United States
104.17.79.107
 United States

Domains

Name IP Detection
kit-free.fontawesome.com
 151.139.128.8
cs1100.wpc.omegacdn.net
 152.199.23.37
cyttatesful.com
 173.82.115.103
Click to see the 6 hidden entries
cdnjs.cloudflare.com
 104.17.79.107
kit.fontawesome.com
 151.139.128.8
ipv4.imgur.map.fastly.net
 151.101.12.193
code.jquery.com
 0.0.0.0
aadcdn.msftauth.net
 0.0.0.0
i.imgur.com
 0.0.0.0

URLs

Name Detection
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php$Sign
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.phpRoot
Click to see the 46 hidden entries
https://cyttatesful.com/CD/nridistribution.com/office_365_authentication/owa.php
https://i.imgur.com/I4Qd9nH.jpg);
https://jqueryvalidation.org/
https://jqueryvalidation.org/number-method/
https://code.jquery.com/jquery-3.1.1.min.js
https://jqueryvalidation.org/range-method/
https://jqueryvalidation.org/jQuery.validator.format/
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.js
https://jqueryvalidation.org/email-method/
https://jqueryvalidation.org/minlength-method/
https://jqueryvalidation.org/unchecked-selector/
https://jqueryvalidation.org/Validator.form/
https://i.imgur.com/eDXfU9D.png
https://jqueryvalidation.org/url-method/
https://jqueryvalidation.org/validate/
https://jqueryvalidation.org/jQuery.validator.setDefaults/
https://jqueryvalidation.org/rangelength-method/
https://jqueryvalidation.org/maxlength-method/
https://jqueryvalidation.org/step-method/
https://gist.github.com/dperini/729294
https://jqueryvalidation.org/valid/
https://jqueryvalidation.org/digits-method/
https://jqueryvalidation.org/max-method/
https://kit-free.fontawesome.com
https://jqueryvalidation.org/dateISO-method/
https://jqueryvalidation.org/blank-selector/
https://jqueryvalidation.org/remote-method/
https://jqueryvalidation.org/jQuery.validator.addMethod/
https://jqueryvalidation.org/date-method/
https://mathiasbynens.be/demo/url-regex
https://jqueryvalidation.org/Validator.resetForm/
https://jqueryvalidation.org/jQuery.validator.methods/
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
https://html.spec.whatwg.org/multipage/forms.html#valid-e-mail-address
https://jqueryvalidation.org/Validator.showErrors/
https://kit.fontawesome.com/7cd4d97275.js
https://jqueryvalidation.org/required-method/
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
https://jqueryvalidation.org/min-method/
https://jqueryvalidation.org/equalTo-method/
https://jqueryvalidation.org/filled-selector/
https://jqueryvalidation.org/Validator.element/
https://api.jquery.com/category/selectors/
https://jqueryvalidation.org/rules/

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\owa[1].htm
 HTML document, ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\eDXfU9D[1].png
 PNG image data, 342 x 72, 4-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Temp\~DFA08C4EE0DFD22D3F.TMP
 data
 #
Click to see the 15 hidden entries
C:\Users\user\AppData\Local\Temp\~DF915E641A080D6276.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF69A9FF2500C45DEE.TMP
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\free.min[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\7cd4d97275[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\jquery-3.1.1.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4BDD8E49-FE30-11EA-90E3-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\mem8YaGs126MiZpBA-UFVZ0d[1].woff
 Web Open Font Format, TrueType, length 18100, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\jquery.validate[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\I4Qd9nH[1].jpg
 JPEG image data, baseline, precision 8, 1920x1080, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico
 MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{537F4005-FE30-11EA-90E3-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4BDD8E4B-FE30-11EA-90E3-ECF4BB2D2496}.dat
 Microsoft Word Document
 #