Register Login

sloganpng

top title background image

http://wuftzayaebbtzem.activeinernational.com/espnxx/ZGFuaXNhLndpbGxpYW1zQGdlYXBwbGlhbmNlcy5jb20=

Status: finished

Submission Time: 2020-10-15 17:56:43 +02:00

Malicious

Phishing

HTMLPhisher

Comments

Tags

Details

Analysis ID:
298795
API (Web) ID:
492716
Analysis Started:

2020-10-15 17:58:20 +02:00
Analysis Finished:

2020-10-15 18:02:04 +02:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 72	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP	Country	Detection
162.241.5.177	United States
23.247.102.108	United States

Domains

Name	IP	Detection
wuftzayaebbtzem.activeinernational.com	23.247.102.108
elsfwa.com	162.241.5.177

URLs

Name	Detection
https://elsfwa.com/site/partner3/lib/img/favicon.ico~
https://elsfwa.com/site/partner3/?danisa.williams
https://elsfwa.com/site/partner3/1cexjdblkshxqjegtvhe5cfh.php?MTYwMjc3NzU1OGE1OWNlZGZjNzI5ZGEwNTg4Nm
Click to see the 2 hidden entries
https://elsfwa.com/site/partner3/lib/img/favicon.ico
https://elsfwa.com/site/partner3/lib/img/favicon.ico~(

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\1cexjdblkshxqjegtvhe5cfh[1].htm	HTML document, UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CD180BED-0F4A-11EB-90E5-ECF4BB2D2496}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{CD180BEF-0F4A-11EB-90E5-ECF4BB2D2496}.dat	Microsoft Word Document	#
Click to see the 13 hidden entries
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D7602CEB-0F4A-11EB-90E5-ECF4BB2D2496}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\background[1].jpg	[TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], progressive, precision 8, 1920x1080, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\login[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\ZGFuaXNhLndpbGxpYW1zQGdlYXBwbGlhbmNlcy5jb20=[1].htm	HTML document, ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\favicon[1].ico	MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\white_ellipsis[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\arrow[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\logo2[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\logo3[1].png	PNG image data, 342 x 72, 4-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Temp\~DF1D2A2AD58E32361C.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF1E9F711CF262AE1C.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF31150979467F106C.TMP	data	#