
http://kiana-leather.com/wp-admin/access/file/onedri

Status: finished
Submission Time: 2020-10-17 00:36:40 +02:00
Classification: Malicious, Phishing, HTMLPhisher

Details

  • Analysis ID: 299554
  • API (Web) ID: 494208
  • Analysis Started: 2020-10-17 00:36:41 +02:00
  • Analysis Finished: 2020-10-17 00:40:58 +02:00
  • Technologies: Joe Sandbox

Joe Sandbox

Engine: Joe Sandbox
Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Detection: malicious
Score: 10/80
Additional third-party verdicts: malicious, malicious, malicious

IPs

IP              Country         Detection
176.9.11.210    Germany
104.17.79.107   United States

Domains

Name                       IP               Detection
cdnjs.cloudflare.com       104.17.79.107
kiana-leather.com          176.9.11.210
code.jquery.com            0.0.0.0
maxcdn.bootstrapcdn.com    0.0.0.0
favicon.ico                0.0.0.0

URLs

Name                                                                              Detection
http://kiana-leather.com/wp-admin/access/file/onedri/images/officelogo.png
http://kiana-leather.com/wp-admin/access/file/onedri/images/officebg.jpg
http://kiana-leather.com/wp-admin/access/file/onedri/images/office.png

Dropped files

  • Name: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\microsoft[1].htm
    File Type: HTML document, UTF-8 Unicode (with BOM) text, with very long lines
  • Name: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\office[1].htm
    File Type: HTML document, ASCII text
  • Name: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\webmail[1].htm
    File Type: HTML document, ASCII text