https://www.canva.com/design/DAELDmFwd6c/jyzAf71YbfDc9Ufc4rBARw/view?utm_content=DAELDmFwd6c&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton

Status: finished

Submission Time: 2020-10-19 19:29:19 +02:00

Malicious

Phishing

HTMLPhisher

Comments

Details

Analysis ID:
300343
API (Web) ID:
495775
Analysis Started:

2020-10-19 19:29:20 +02:00
Analysis Finished:

2020-10-19 19:37:00 +02:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 60	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
239.255.255.250	Reserved
152.199.21.175	United States

Domains

Name	IP	Detection
static.canva.com	104.18.215.67
sni1gl.wpc.alphacdn.net	152.199.21.175
font-public.canva.com	104.18.215.67
Click to see the 9 hidden entries
www.canva.com	104.18.216.67
media-private.canva.com	104.18.215.67
dns.google	8.8.8.8
signup.live.com	0.0.0.0
aadcdn.msauth.net	0.0.0.0
assets.onestore.ms	0.0.0.0
acctcdn.msauth.net	0.0.0.0
ajax.aspnetcdn.com	0.0.0.0
client.hip.live.com	0.0.0.0

URLs

Name	Detection
http://fontello.comiconsRegulariconsiconsVersion
http://chrome.googl0
http://crl.pki.goog/gsr2/gsr2.crl0?
Click to see the 97 hidden entries
https://www.linkedin.com/legal/privacy-policy
https://static.canva.com/static/lib/cl/cl-0.4.0.min.js
https://www.microsoft.
https://mixer.com/about/tos
https://www.skype.com/go/legal
https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
http://www.youtube.com/
https://9812343.fls.doubleclick.net/activityi;src=9812343;type=retar0;cat=flood0;ord=8039126982952;g
https://9812343.fls.doubleclick.net/
https://aadcdn.msauth.net/shared/1.0/content/images/ellipsis_96f69d0cefd8a8ba623a182c351ccc64.png
https://canva.com/y
http://www.opensource.org/licenses/mit-license.php)
http://www.fontbureau.com/designers/frere-jones.html
https://acctcdn.msauth.net/converged_ux_v2_RfnRCrmapm3W_OFn994CMA2.css?v=1
http://www.carterandcone.coml
https://static.canva.com/static/lib/sentry/5.15.4.min.js
https://static.canva.com/web/480f82337a6c21743671.2.js
https://www.canva.com/design/DAELDmFwd6c/jyzAf71YbfDc9Ufc4rBARw/view?utm_content=DAELDmFwd6c&utm_cam
https://pki.goog/repository/0
https://acctcdn.msauth.net/images/favicon.ico?v=2~(
https://www.canva.com/design/DAELDmFwd6c/jyzAf71YbfDc9Ufc4rBARw/entState
https://github.com/douglascrockford/JSON-js
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.
https://www.amazon.fr
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
https://privacy.microso
https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
http://sizzlejs.com/
http://www.unicode.org/copyright.html
http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBq
https://www.optimizely.com/legal/opt-out/
https://acctcdn.msauth.net
http://www.fontbureau.com/designers?
https://canva.com/i
https://storage.google
https://www.gooleapis.com/auth
http://www.founder.com.cn/cn/bThe
http://jquery.org/license
https://www.skype.com/go/ustax
http://www.fontbureau.com/designers/?
http://ocsp.dil;charse
https://login.skype.com/login
https://signin.kissmetrics.com/privacy/#controls
https://aka.ms/redeemrewards
http://www.fontbureau.com/designersG
https://feedback.googleusercontent.com
https://aadcdn.msauth.net
https://www.xbox.com/en-US/Legal/CodeOfConduct
https://www.appnexus.com/
https://www.skype.com
https://www.amazon.in
https://bugs.chromium.org/p/chromium/issues/entry?template=Safety
http://www.interoperabilitybridges.com/wmp-extension-for-chrome
https://skype.com/go/myaccount
https://aka.ms/taxservice
http://www.founder.com.cn/cn/cThe
http://www.sajatypeworks.com
https://www.youtube.com
http://www.json.org/json2.js
http://opensource.org/licenses/mit-license.php)
https://acctcdn.msauth.net/knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1
http://www.fontbureau.com/designers
http://www.asp.net/ajaxlibrary/CDN.ashx.
https://www.xbox.com/en-US/Legal/CodeOfConduct)
https://www.adr.org
https://www.canva.com/
https://acctcdn.msauth.net/lwsignupstringscountrybirthdate_en-us_pVtahKS9WUIZdNqg1DDhHg2.js?v=1
https://www.youradchoices.ca/fr
https://www.amazon.com
https://www.acuityads.com/opt-out/
https://www.amazon.com.mx
https://aka.ms/useterms
https://mixer.com/contact
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protectio
https://www.xbox.com
https://www.skype.com).
https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
https://www.amazon.co.jp
http://www.mpegla.com).
https://acctcdn.msauth.net/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
http://service.real.com/realplayer/security/02062012_player/en/~
https://static.canva.com/web/ff73bc33956d9403dd6c.2.js
https://www.amazon.co.br
http://download.divx.com/player/divxdotcom/DivXWebPlayerInstaller.exe
https://www.adjust.com/opt-out/
https://static.canva.com/web/3a8dd98875522073d08ca07f096162a2.2.runtime.js
https://www.youronlinechoices.com/
http://forms.real.com/real/realone/download.html?type=rpsp_us
http://www.reddit.com/
https://priv-policy.imrworldwide.com/priv/browser/us/en/optout.html
https://aadcdn.msauth.net/shared/1.0/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.s
http://www.zhongyicts.com.cn
http://www.urwpp.deDPlease
http://www.galapagosdesign.com/DPlease
https://js.appboycdn.com/web-sdk/3.0/appboy.core.min.js
https://www.amazon.it
http://crl.pki.goog/GTS1O1core.crl0

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b9aa9d79-16c6-45ac-8150-9755ddf72ad5.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\afb3ccd0-c66d-457d-98c4-a486d4a0e316.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\arrow_px_up[1].gif	GIF image data, version 89a, 7 x 9	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Print[1].png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Me[1].htm	HTML document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3C85BDC8-127C-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3C85BDC7-127C-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3C85BDC5-127C-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\f28b14f6-6fee-4e1a-974c-0c7c8d207704.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004	MPEG-4 LOAS	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1c643dde2e2b927f_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\da38065229f1c2b0_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d5d6277b1091be72_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c4950d0815c21f68_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c3d256598d5af694_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c2189956b60b2ce5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6726d42dc28e6fb9_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\65809c222a71838f_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5e83b9cfa3f81ad1_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4c9edaced3937224_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3577865f7dc41749_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\270ae0528ce28f93_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\243301520c11e031_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4115b2c93fca474_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\018bc498f4b5fe54_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7452ece4-e33e-4035-8493-7084c5edf7d3.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3ed6e743-3f82-4c57-a0fd-2ca90c65d858.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\223e4294-0f6f-44f8-ad02-7fb4f97a0c16.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1aad700c-30be-4f6c-916e-f727bf3bf257.tmp	very short file (no magic)	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\145e7ff9-221b-4928-94ee-e0db8841e97e.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\2e8619ed-df9d-461f-b210-253e650d2ad2.tmp	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\202fa49c-929e-4592-8b62-5a75c9628ec3.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\MANIFEST-000001	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\000001.dbtmp	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\0950b3d3-a780-4715-95ca-c39672feb703.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ef7c547c70771637_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eba1480a166263c9_0	data	#

https://www.canva.com/design/DAELDmFwd6c/jyzAf71YbfDc9Ufc4rBARw/view?utm_content=DAELDmFwd6c&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

https://www.canva.com/design/DAELDmFwd6c/jyzAf71YbfDc9Ufc4rBARw/view?utm_content=DAELDmFwd6c&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton Options

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Search started

https://www.canva.com/design/DAELDmFwd6c/jyzAf71YbfDc9Ufc4rBARw/view?utm_content=DAELDmFwd6c&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton