
https://app.box.com/s/70q04qjreskzhyh84ikrw9hwz58ee6hs

Status: finished
Submission Time: 2020-10-19 16:47:32 +02:00
Verdict: Malicious
Category: Phishing
Label: HTMLPhisher

Details

  • Analysis ID:
    300258
  • API (Web) ID:
    495607
  • Analysis Started:
    2020-10-19 16:47:33 +02:00
  • Analysis Finished:
    2020-10-19 16:53:41 +02:00
  • Technologies:

Engine: Joe Sandbox
Detection: malicious
Score: 60
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines: malicious

IPs

IP                Country    Detection
185.235.236.200   Germany
185.235.236.197   Germany
162.0.229.41      Canada
185.235.236.201   Germany

Domains

Name                                                 IP                 Detection
bhjuijkl.gq                                          162.0.229.41
a.box.com                                            185.235.236.197
api.box.com                                          185.235.236.197
public.boxcloud.com                                  185.235.236.200
account.box.com                                      185.235.236.197
app.box.com                                          185.235.236.201
dddd4b9f56934ddc9af1070bd98b8e55.svc.dynamics.com    0.0.0.0
cdn01.boxcdn.net                                     0.0.0.0

URLs

Name Detection
https://www.box.com/pricing/personal/4ikrw9hwz58ee6hs
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-woff.css
https://github.com/derek-watson/jsUri
https://app.box.com/s/70q04qjreskzhyh84ikrw9hwz58ee6hs
https://feross.org
https://app.box.c
http://blog.stevenlevithan.com/archives/parseuri
https://account.box.com/login
https://www.box.com/home
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)
https://support.box.com
https://account.box.com/logineskzhyh84ikrw9hwz58ee6hs
https://bhjuijkl.gq/ok/sharepoint-v9/3l5twa0m4q21nahjyil9ixbr.php?rand=13InboxLightaspxn.1774256418&
https://app.box.cRoot
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-16x16-_kQSW4.png
https://account.b
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png
https://app.box.cp.box.com/s/70q04qjreskzhyh84ikrw9hwz58ee6hs
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-152x152-r5tWgh.png
https://app.box.cicing/personal/Root
https://dddd4b9f56934ddc9af1070bd98b8e55.svc.dynamics.com/t/r/SWI6h7kOJfoTh_tI7MfqApxQ7PkKDTrBbH3ep9
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico
https://dddd4b9f56934ddc9af1070bd98b8e55.svc.dynamics.com/t/r/SWI6h7kOJfoTh_tI7MfqApxQ7PkKDTrBbH3ep9eK2fk
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-180x180-tV001c.png
http://www.box.com)
https://www.box.com/pricing/personal/4ikrw9hwz58ee6hsl
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png
http://www.live.com/
https://cdn01.boxcdn.net/_assets/img/favicons/mstile-144x144-pllCM8.png
https://account.box.co
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff)
http://www.wikipedia.com/
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-120x120-K-u4U5.png
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-32x32-brwW_W.png
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-96x96-TOQ9Kg.png
http://www.youtube.com/
http://rock.mit-license.org
https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-114x114-busq-D.png
http://www.amazon.com/
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2)
http://yuilibrary.com/license/
https://www.box.com/blog
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png
https://bhjuijkl.gq/okdc9af1070bd98b8e55.svc.dynamics.com/t/r/SWI6h7kOJfoTh_tI7MfqApxQ7PkKDTrBbH3ep9
https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml
http://www.twitter.com/
https://app.box.cm/logineskzhyh84ikrw9hwz58ee6hsRoot
https://cdn01.boxcdn.net/webapp_assets/login/js/login-bae14bec79.min.js
https://www.box.com/pr
https://cdn01.boxcdn.net/webapp_assets/login/css/login-055bcf7474.css
https://account.box.co70q04qjreskzhyh84ikrw9hwz58ee6hs
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2)
https://account.box.com/login
https://app.box.com/s/70q04qjreskzhyh84ikrw9hwz58ee6hs70q04qjreskzhyh84ikrw9hwz58ee6hsRoot
https://github.com/zloirock/core-js
https://www.box.com/pricing
https://community.box.com
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-EHWWyP.ico
https://cdn01.boxcdn.net/_assets/img/favicons/android-chrome-192x192-96i97M.png
https://app.box.com/s/70q04qjreskzhyh84ikrw9hwz58ee6hsRoot
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-96x96-XU7UE1.png
http://cssreset.com
http://www.nytimes.com/
http://www.apache.org/licenses/LICENSE-2.0
https://cdn01.boxcdn.net/_assets/img/favicons/safari-pinned-tab-jyt2W4.svg
https://www.box.com/pricing/personal/
https://account.box.com/login?redirect_url=https%3A%2F%2Fapp.box.com%2Fs%2F70q04qjreskzhyh84ikrw9hwz58ee6hs
http://www.reddit.com/
https://cdn01.boxcdn.net/enduser/app.9ec748f0eb.css
https://app.box.cm/login?redirect_url=https%3A%2F%2Fapp.box.com%2Fs%2F70q04qjreskzhyh84ikrw9hwz58ee6
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-16x16-Ou5N87.png
https://www.box.com/pricing/personal/
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-144x144-va9pYs.png
https://account.box.com/login?redirect_url=https%3A%2F%2Fapp.box.com%2Fs%2F70q04qjreskzhyh84ikrw9hwz
https://app.box.com/s/70q04qjreskzhyh84ikrw9hwz58ee6hs
https://app.box.cdc9af1070bd98b8e55.svc.dynamics.com/t/r/SWI6h7kOJfoTh_tI7MfqApxQ7PkKDTrBbH3ep9eK2fk

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\3l5twa0m4q21nahjyil9ixbr[1].htm
HTML document, UTF-8 Unicode text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\httpErrorPagesScripts[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\intersection-observer[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\favicon-32x32-VwW37b[1].png
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\errorPageStrings[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\dnserror[2]
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\dnserror[1]
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\css[2].css
ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\core.min[1].js
UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\content[1].jpg
[TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=1], baseline, precision 8, 1024x1024, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\NewErrorPageTemplate[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\uploads-manager-enduser.1c050e7fd8[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\preview-components~shared-file.a8e9b0f033[1].css
ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\pdf[1].png
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\pdf.worker.min[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\messagecenter~preview-components~uploads-manager-enduser.bdf2ca5e65[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\login[1].htm
HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\login-bae14bec79.min[1].js
HTML document, ASCII text, with very long lines, with escape sequences
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\login-055bcf7474[1].css
UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\exif.min[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\as-security~change-current-user-role-modal~collaborators~collection-detail-page~content-explorer-mod~244fdb54.62c4dbb45d[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\Lato-Regular[1].woff
Web Open Font Format, TrueType, length 119132, version 1.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\Lato-Bold[1].woff
Web Open Font Format, TrueType, length 118272, version 1.0
C:\Users\user\AppData\Local\Temp\dat743E.tmp
OpenType font data
C:\Users\user\AppData\Local\Temp\~DF863F27CF2E33F802.TMP
data
C:\Users\user\AppData\Local\Temp\~DF843628CFA6C3C01A.TMP
data
C:\Users\user\AppData\Local\Temp\~DF2CA593618F801BBF.TMP
data
C:\Users\user\AppData\Local\Temp\~DF2962513633A62CA6.TMP
data
C:\Users\user\AppData\Local\Temp\~DF225803FE462B4005.TMP
data
C:\Users\user\AppData\Local\Temp\datF3AD.tmp
Web Open Font Format, TrueType, length 2532, version 2.24904
C:\Users\user\AppData\Local\Temp\dat7665.tmp
TrueType Font data, 13 tables, 1st "OS/2", 20 names, Macintosh, \251 2018 Microsoft Corporation. All Rights Reserved.
C:\Users\user\AppData\Local\Temp\dat7635.tmp
TrueType Font data, 13 tables, 1st "OS/2", 20 names, Macintosh, \251 2018 Microsoft Corporation. All Rights Reserved.
C:\Users\user\AppData\Local\Temp\dat7605.tmp
OpenType font data
C:\Users\user\AppData\Local\Temp\dat7596.tmp
OpenType font data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\vendors~app.272bfe9505[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Temp\dat59A0.tmp
Web Open Font Format (Version 2), TrueType, length 84396, version 2.983
C:\Users\user\AppData\Local\Temp\dat5961.tmp
Web Open Font Format, TrueType, length 119132, version 1.0
C:\Users\user\AppData\Local\Temp\dat13DF.tmp
Web Open Font Format, TrueType, length 21184, version 1.0
C:\Users\user\AppData\Local\Temp\dat131.tmp
Web Open Font Format, TrueType, length 21184, version 1.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\shared-file.16145d20dc[1].css
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\preview[1].js
UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\preview-components.a52cd4db8d[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\pdf_viewer.min[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\messagecenter~uploads-manager-enduser.e83b2dda31[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\login[1].htm
HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\pdf_viewer.min[1].css
assembler source, ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\pdf.min[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\messagecenter~preview-components~uploads-manager-enduser.41dd95b697[1].css
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\logo_strip[1].png
PNG image data, 624 x 96, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\down[1]
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\Toyotetsu[1].pdf
PDF document, version 1.5
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat
data
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\preview-components.9e30169cc3[1].css
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A892DCE4-1265-11EB-90E5-ECF4BB2D2496}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A892DCE3-1265-11EB-90E5-ECF4BB2D2496}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{98501B30-1265-11EB-90E5-ECF4BB2D2496}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{917209E9-1265-11EB-90E5-ECF4BB2D2496}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{917209E7-1265-11EB-90E5-ECF4BB2D2496}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\IB42RK38\account.box[1].xml
ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\app.ab7dab9361[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\runtime.11d728cc9f[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\logo[1].png
PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\loading[1].gif
GIF image data, version 89a, 30 x 30
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\lang-en-US.4174bd891d[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5f597[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\httpErrorPagesScripts[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\errorPageStrings[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\down[1]
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\content-sidebar.561ead5a06[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\content-sidebar.35dcb75128[1].css
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\EQAWN5DV\app.box[1].xml
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\app.9ec748f0eb[1].css
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\NewErrorPageTemplate[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\Lato-woff[1].css
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\70q04qjreskzhyh84ikrw9hwz58ee6hs[1].htm
HTML document, ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\uploads-manager-enduser.be5860ca88[1].css
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\shared-file.8600c4b3c0[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\share-point[1].css
ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\promise[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\preview[1].css
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\preview-components~shared-file.270c62f3b2[1].js
ASCII text, with very long lines, with no line terminators
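Triage of the tables above, as an added example that is not part of the Joe Sandbox report and not Box or Joe Security code. It does three things an analyst otherwise does by eye: it splits the hosts the Domains table shows as resolved into expected Box infrastructure, the svc.dynamics.com link, and the one host with no business in a Box share visit (bhjuijkl.gq), while setting aside the truncated memory strings (app.box.cRoot, account.b) and the licence URLs that minified JS bundles carry; it decodes Box's own redirect_url parameter to confirm the login page sends the browser back to the share link and not off-site; and it ties Internet Explorer cache entries back to the URL whose last path segment produced them, so 3l5twa0m4q21nahjyil9ixbr[1].htm is matched to the sharepoint-v9 .php on the .gq host even though IE stored it with a different extension. The URL strings and cache paths are copied from the tables; the allow-lists, category names, the "third-party-redirect" label for the dynamics.com link and the prefix heuristic for truncated strings are this example's assumptions.

```python
"""Triage the IOC tables of the Joe Sandbox report above (added example).

URL strings and cache paths are copied from the report's URL and dropped-file
tables, garbled memory-string entries included. The allow-lists and the
classification rules are this example's own assumptions.
"""
import re
from os.path import basename
from urllib.parse import parse_qs, urlparse

# Hosts the report's Domains table lists as resolved during the run.
RESOLVED = {
    "bhjuijkl.gq", "a.box.com", "api.box.com", "public.boxcloud.com",
    "account.box.com", "app.box.com", "cdn01.boxcdn.net",
    "dddd4b9f56934ddc9af1070bd98b8e55.svc.dynamics.com",
}
# Infrastructure a genuine Box share link is expected to touch (assumption).
EXPECTED = ("box.com", "boxcdn.net", "boxcloud.com")
# Licence/attribution strings minified JS bundles carry, plus well-known
# sites Box's own scripts name as literals (assumption, taken from the table).
LIBRARY_HINTS = ("github.com", "mit-license.org", "apache.org/licenses",
                 "yuilibrary.com", "feross.org", "stevenlevithan.com",
                 "cssreset.com", "www.live.com", "www.wikipedia.com",
                 "www.youtube.com", "www.twitter.com", "www.reddit.com")

SAMPLE_URLS = [  # ten rows copied from the report's URL table
    "https://app.box.com/s/70q04qjreskzhyh84ikrw9hwz58ee6hs",
    "https://account.box.com/login?redirect_url=https%3A%2F%2Fapp.box.com%2Fs%2F70q04qjreskzhyh84ikrw9hwz58ee6hs",
    "https://cdn01.boxcdn.net/webapp_assets/login/js/login-bae14bec79.min.js",
    "https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)",
    "https://bhjuijkl.gq/ok/sharepoint-v9/3l5twa0m4q21nahjyil9ixbr.php?rand=13InboxLightaspxn.1774256418&",
    "https://dddd4b9f56934ddc9af1070bd98b8e55.svc.dynamics.com/t/r/SWI6h7kOJfoTh_tI7MfqApxQ7PkKDTrBbH3ep9eK2fk",
    "https://github.com/derek-watson/jsUri",
    "http://www.box.com)",
    "https://app.box.cRoot",
    "https://account.b",
]
SAMPLE_CACHE = [  # rows copied from the report's dropped-file table
    r"C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\3l5twa0m4q21nahjyil9ixbr[1].htm",
    r"C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\login[1].htm",
    "login-bae14bec79.min[1].js", "Lato-Bold[1].woff", "Toyotetsu[1].pdf",
]

def _host(url):
    # Keep the netloc's case (hostname() lowercases, hiding "cRoot"-style
    # garbage) and drop the ")" that url(...) strings in CSS/JS leave behind.
    return urlparse(url).netloc.split("@")[-1].split(":")[0].rstrip(")")

def _under(host, site):
    return host == site or host.endswith("." + site)

def classify_url(url):
    """Return (category, host) for one row of the report's URL table."""
    host = _host(url)
    if host in RESOLVED:
        if any(_under(host, s) for s in EXPECTED):
            return "expected-box", host
        if _under(host, "svc.dynamics.com"):
            return "third-party-redirect", host  # label chosen by this example
        return "unexpected-resolved", host
    if any(r != host and r.startswith(host) for r in RESOLVED):
        return "fragment", host  # truncated memory string, e.g. "account.b"
    if any(_under(host, s) for s in EXPECTED):
        return "expected-box-string", host  # Box URL seen only as a string
    if any(hint in url for hint in LIBRARY_HINTS):
        return "library-literal", host
    return "fragment", host

def triage(urls):
    """Group the hosts of a URL table by category, each list sorted."""
    groups = {}
    for u in urls:
        cat, host = classify_url(u)
        groups.setdefault(cat, set()).add(host)
    return {cat: sorted(hosts) for cat, hosts in groups.items()}

def decode_box_redirect(url):
    """Decode Box's login redirect_url and say whether it stays on box.com."""
    target = parse_qs(urlparse(url).query).get("redirect_url")
    return (target[0], _under(_host(target[0]), "box.com")) if target else None

def cache_stem(path):
    """Strip IE's [n] counter and the extension IE picked from the content type."""
    m = re.match(r"^(?P<stem>.+?)\[\d+\](?:\.[^.]+)?$", basename(path.replace("\\", "/")))
    return m.group("stem") if m else None

def url_stem(url):
    name = basename(urlparse(url).path)
    return name.rsplit(".", 1)[0] if "." in name else name

def map_cache_to_urls(cache_paths, urls):
    """Tie each IE cache entry to the URL(s) whose last path segment produced it."""
    by_stem = {}
    for u in urls:
        by_stem.setdefault(url_stem(u), []).append(u)
    return {basename(p.replace("\\", "/")): by_stem.get(cache_stem(p), [])
            for p in cache_paths}

if __name__ == "__main__":
    for cat, hosts in triage(SAMPLE_URLS).items():
        print(f"{cat:22} {', '.join(hosts)}")
    print("login redirect:", decode_box_redirect(SAMPLE_URLS[1]))
    for name, hits in map_cache_to_urls(SAMPLE_CACHE, SAMPLE_URLS).items():
        print(f"{name:36} <- {hits[0] if hits else '(no URL in table)'}")
```

Run as a script it prints the grouping, the decoded redirect and the cache mapping. A cache entry with no matching URL, such as Toyotetsu[1].pdf, means the URL table records no direct origin for that resource and the Box share itself is the only origin the report gives. The dnserror[1], dnserror[2], errorPageStrings and NewErrorPageTemplate entries are Internet Explorer's built-in error pages, which is consistent with the two domains the report shows resolving to 0.0.0.0.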