https://shopkhairboutique.com/globalfolder

Status: finished
Submission Time: 2020-10-19 19:08:05 +02:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    300330
  • API (Web) ID:
    495751
  • Analysis Started:
    2020-10-19 19:08:06 +02:00
  • Analysis Finished:
    2020-10-19 19:11:48 +02:00
  • Technologies:
    Joe Sandbox

Engine: Joe Sandbox
Detection: malicious
Score: 80
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
malicious

IPs

IP (Country)
  • 162.241.115.157 (United States)

Domains

Name (resolved IP)
  • shopkhairboutique.com (162.241.115.157)
  • r4.res.office365.com (0.0.0.0)
  • spoprod-a.akamaihd.net (0.0.0.0)

URLs

Name Detection
https://shopkhairboutique.com/globalfolder/assets/files/prefetch.htm
https://shopkhairboutique.com/globalfolder/que.com/globalfolder/Login.php?sslchannel=true&sessionid=
https://shopkhairboutique.com/globalfolder/Root

Dropped files

Name and file type (hash and detection columns empty in the report)
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\Login[1].htm
    HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\globalfolder[2].htm
    HTML document, ASCII text, with no line terminators
  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\globalfolder[1].htm
    HTML document, ASCII text