
https://www.canva.com/design/DAEMFdyXLwU/Qca1gQjVaXRphNINixMtCg/view?utm_content=DAEMFdyXLwU&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton

Status: finished
Submission Time: 2020-10-30 19:09:21 +01:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    307733
  • API (Web) ID:
    517259
  • Analysis Started:
    2020-10-30 19:09:22 +01:00
  • Analysis Finished:
    2020-10-30 19:15:22 +01:00
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 84
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP               Country        Detection
239.255.255.250  Reserved
208.67.20.63     United States
104.16.18.94     United States

Domains

Name                          IP              Detection
dns.google                    8.8.8.8
9812343.fls.doubleclick.net   0.0.0.0
snap.licdn.com                0.0.0.0
code.jquery.com               0.0.0.0
maxcdn.bootstrapcdn.com       0.0.0.0
kit.fontawesome.com           0.0.0.0
ka-f.fontawesome.com          0.0.0.0
sdk.iad-01.braze.com          0.0.0.0
stackpath.bootstrapcdn.com    0.0.0.0
dart.l.doubleclick.net        172.217.21.70
media-private.canva.com       104.18.215.67
www.canva.com                 104.18.216.67
storytimechildcare.com        208.67.20.63
cl.canva.com                  104.18.215.67
font-public.canva.com         104.18.215.67
cdnjs.cloudflare.com          104.16.18.94
js.appboycdn.com              104.22.9.79
static.canva.com              104.18.216.67

URLs

Name Detection
https://storytimechildcare.com/o/pp/j
https://storytimechildcare.com/o/pp/OneDrive
https://storytimechildcare.com/o/pp/
https://fontawesome.com/license/free
http://www.fonts.com
https://www.canva.com/design/DAEMFdyq
https://www.canva.com/design/DAEMFdyXLwU/Qca1gQjVaXRphNINixMtCg/e
http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/chrome-certs
https://static.canva.com/web/169aab431c6d134d2e5b.2.js
https://www.canva.com:443
http://fontfabrik.com
http://www.typography.netD
https://www.amazon.co.uk
http://www.sandoll.co.kr
https://static.canva.com/static/images/apple-touch-120x120.png
https://9812343.fls.doubleclick.net
https://www.hulu.com
https://www.ecosia.org/search?q=&addon=opensearch
https://static.canva.com/web/7e34b4d9b595ddb21505.2.js
http://www.unicode.org/copyright.html
https://doubleclick.net/
https://ka-f.fontawesome.com
http://www.founder.com.cn/cn/bThe
https://www.canva.comP
https://feedback.googleusercontent.com
https://static.canva.com/web/cbf62df7a1f4b5f10694.2.js
http://www.founder.com.cn/cn
https://static.canva.com/static/images/apple-touch-180x180.pngiy72le5S1JN
https://search.yahoo.com/favicon.icoteChanged0
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
https://static.canva.com/web/images/692e0a08e1ee
http://gmail.com/
https://static.canva.com/web/images/4b3c4f99c12fcb153b4dd0ec858c7630.pngVA
https://static.canva.com/web/images/a01ad30577857b27d2567fe514e5e926.png
https://doubleclick.netP
https://getbootstrap.com)
http://service.real.com/realplayer/security/02062012_player/en/
https://static.canva.com/static/images/apple-touch-152x152.pngQzUopOQhuI
https://adservice.google.co.uk/
https://github.com/twbs/bootstrap/blob/master/LICENSE)
https://static.canva.com/web/images/692e0a08e1eec70086d96611501ab27c.pngn
http://www.fontbureau.com/designers/cabarga.htmlN
https://static.canva.com/web/images/3f1b404294be513b884389f64a6512eb.mp3
https://code.jquery.com/jquery-3.3.1.js
https://getbootstrap.com/)
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
https://static.canva.com/web/images/8de0036d9c159fef2826d39e41e41e0d.pngz
https://www.canva.com
https://code.jquery.com/jquery-3.1.1.min.js
https://sdk.iad-01.braze.com/api/v3
https://static.canva.com/static/images/favicon.ico
https://doubleclick.net/der5
https://kit.fontawesome.com/585b051251.js
http://www.galapagosdesign.com/DPlease
https://js.appboycdn.com/web-sdk/3.0/appboy.core.min.js
https://www.amazon.it
https://static.canva.com/web/images/07161d1908d12dfa15ac45f5b4bd5a67.mp3
https://9812343.fls.doubleclick.net/TTRC
https://www.amazon.in
https://bugs.chromium.org/p/chromium/issues/entry?template=Safety
https://github.com/twbs/bootstrap/graphs/contributors)
https://static.canva.com/web/images/e79b53e03f16de9d9239f40b9cc0457a.png
https://fontawesome.com
https://www.youtube.com
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
https://fontawesome.comhttps://fontawesome.comFont
http://www.fontbureau.com/designers
https://www.canva.com/
https://static.canva.com/static/images/android-192x192.pngYSdV1WmIi1k/c
https://cdn.ecosia.org/assets/images/ico/favicon.ico8
https://code.jquery.com/jquery-3.2.1.slim.min.js
https://static.canva.com/web/images/8de0036d9c159fef2826d39e41e41e0d.png
https://www.amazon.com.mx
https://static.canva.com/web/images/4e5669e881b4
https://search.yahoo.com/search?ei=&fr=crmas&p=
https://duckduckgo.com/ac/?q=
https://search.yahoo.com/search?ei=&fr=crmas&p=searchTerms
https://duckduckgo.com/chrome_newtab
http://ianlunn.co.uk/
https://static.canva.com/web/images/692e0a08e1ee86d9.png
https://9812343.fls.doubleclick.net/
http://www.carterandcone.coml
https://duckduckgo.com/favicon.ico
https://www.canva.comi
https://static.canva.com/web/images/a01ad30577857b27d2567fe514e5e926.pngg
https://static.canva.com/static/images/android-192x192.pngpngTKLRLGwDZkI
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
https://cdn.ecosia.org/assets/images/ico/favicon.ico
https://github.com/IanLunn/Hover
https://www.canva.com/design/DAEMFdyXLwU/Qca1gQjVaXRphNINixMtCg/view?utm_content=DAEMFdyXLwU&utm_cam
https://duckduckgo.com/?q=
https://static.canva.com/web/images/4e56e4a569e82e82432bc1f681b4a381.pngF
https://static.canva.com/static/images/apple-touch-180x180.pnga22YqBaVqN
https://www.amazon.co.br
https://media-private.canva.com/_jZGM/MAEMFr_jZGM/1/s.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Cre
https://static.canva.com/static/images/android-192x192.pngpngyqTC
https://static.canva.com/static/images/android-192x192.png9dZFMWdhRKNaB
https://static.canva.com/web/images/4b3c4f99c12fcb153b4dd0ec858c7630.pngr
https://doubleclick.net/eti
http://www.zhongyicts.com.cn
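
The URL dump above mixes three kinds of strings: hosts the sandbox actually contacted, names that never resolved (0.0.0.0), and browser, font-file and search-engine strings scraped from memory that were never requested at all. The following Python is an added triage example written for this page; it is analyst code, not part of the Joe Sandbox report. The Domains table is reproduced from the report and the URL list is a constructed subset of the report's URLs table (garbled memory strings included). Three things are assumptions rather than facts from the report: that a 0.0.0.0 entry means "seen but never resolved", that the site in the submitted URL (canva.com) is the lure rather than the phishing host, and the list of shared CDN/ad/analytics domains treated as third-party noise.

```python
"""Network-IOC triage for a sandbox report: which contacted hosts are
neither the lure site nor a known third-party service, and what paths
were requested from them. Added example; tables constructed from the
report above, allowlist is an analyst assumption."""
from collections import defaultdict
from ipaddress import ip_address
from urllib.parse import urlsplit

# Submitted URL from the report header (the lure).
SUBMISSION_URL = "https://www.canva.com/design/DAEMFdyXLwU/Qca1gQjVaXRphNINixMtCg/view"

# Domains table from the report: name -> resolved IP. 0.0.0.0 is read as
# "referenced but never resolved" (assumption).
DOMAINS = {
    "dns.google": "8.8.8.8",
    "9812343.fls.doubleclick.net": "0.0.0.0",
    "snap.licdn.com": "0.0.0.0",
    "code.jquery.com": "0.0.0.0",
    "maxcdn.bootstrapcdn.com": "0.0.0.0",
    "kit.fontawesome.com": "0.0.0.0",
    "ka-f.fontawesome.com": "0.0.0.0",
    "sdk.iad-01.braze.com": "0.0.0.0",
    "stackpath.bootstrapcdn.com": "0.0.0.0",
    "dart.l.doubleclick.net": "172.217.21.70",
    "media-private.canva.com": "104.18.215.67",
    "www.canva.com": "104.18.216.67",
    "storytimechildcare.com": "208.67.20.63",
    "cl.canva.com": "104.18.215.67",
    "font-public.canva.com": "104.18.215.67",
    "cdnjs.cloudflare.com": "104.16.18.94",
    "js.appboycdn.com": "104.22.9.79",
    "static.canva.com": "104.18.216.67",
}

# Constructed subset of the report's URLs table, garbled strings included.
URLS = [
    "https://storytimechildcare.com/o/pp/j",
    "https://storytimechildcare.com/o/pp/OneDrive",
    "https://storytimechildcare.com/o/pp/",
    "https://www.canva.com:443",
    "https://www.canva.com",
    "https://www.canva.comP",
    "https://www.canva.com/design/DAEMFdyXLwU/Qca1gQjVaXRphNINixMtCg/e",
    "https://static.canva.com/web/169aab431c6d134d2e5b.2.js",
    "http://www.typography.netD",
    "https://search.yahoo.com/search?ei=&fr=crmas&p=",
    "https://duckduckgo.com/?q=",
    "https://fontawesome.comhttps://fontawesome.comFont",
    "https://code.jquery.com/jquery-3.1.1.min.js",
    "https://9812343.fls.doubleclick.net",
    "https://doubleclick.net/",
]

# Analyst allowlist (assumption): shared CDN, ad and analytics domains.
THIRD_PARTY = ("doubleclick.net", "bootstrapcdn.com", "jquery.com",
               "fontawesome.com", "cloudflare.com", "braze.com",
               "appboycdn.com", "licdn.com", "dns.google")


def registrable(host):
    """Naive eTLD+1 (last two labels); adequate for the hosts in this report."""
    return ".".join(host.lower().split(".")[-2:])


def is_routable(ip):
    """True for an address the sandbox could actually have talked to."""
    a = ip_address(ip)
    return not (a.is_unspecified or a.is_multicast or a.is_private
                or a.is_loopback or a.is_link_local or a.is_reserved)


def classify(host, submission_url=SUBMISSION_URL, third_party=THIRD_PARTY):
    """lure = same site as the submitted URL; third-party = allowlisted."""
    if registrable(host) == registrable(urlsplit(submission_url).hostname):
        return "lure"
    if any(host == s or host.endswith("." + s) for s in third_party):
        return "third-party"
    return "candidate"


def paths_by_host(urls):
    """Group requested paths by hostname; unparsable strings are skipped."""
    out = defaultdict(set)
    for u in urls:
        try:
            parts = urlsplit(u)
        except ValueError:
            continue
        if parts.hostname:
            out[parts.hostname].add(parts.path or "/")
    return out


def triage(domains=DOMAINS, urls=URLS):
    """Contacted hosts by class, each with the sorted paths seen for it."""
    paths = paths_by_host(urls)
    result = {"lure": {}, "third-party": {}, "candidate": {}}
    for host, ip in sorted(domains.items()):
        if is_routable(ip):
            result[classify(host)][host] = sorted(paths.get(host, ()))
    return result


def shared_infrastructure(domains=DOMAINS):
    """Routable IPs that more than one contacted name resolved to."""
    by_ip = defaultdict(list)
    for host, ip in domains.items():
        if is_routable(ip):
            by_ip[ip].append(host)
    return {ip: sorted(hs) for ip, hs in by_ip.items() if len(hs) > 1}


if __name__ == "__main__":
    for cls, hosts in triage().items():
        for host, paths in hosts.items():
            print(f"{cls:12} {host:28} {' '.join(paths)}")
    for ip, hosts in shared_infrastructure().items():
        print(f"shared {ip}: {', '.join(hosts)}")
```

Run on the report's data this leaves exactly one candidate host, storytimechildcare.com, with the three /o/pp/ paths, which is where the report's phishing-related URLs sit; the 0.0.0.0 names and the memory-string noise (search engines, font foundries, the truncated canva.comP) never reach the output because only names with a routable resolution are considered. The shared-IP view is there for pivoting: several canva.com names sit on 104.18.215.67, a normal CDN pattern, while the candidate host has an address of its own.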

Dropped files

Name / File Type
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pp[1].htm
    HTML document, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
    MPEG-4 LOAS
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a80521e3-d261-4c4e-bfbf-0d4ff9306679.tmp
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
    SQLite 3.x database, last written using SQLite version 3032001
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
    SQLite 3.x database, last written using SQLite version 3032001
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-3.1.1.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\free-v4-shims.min[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\free-fa-solid-900[1].woff
    Web Open Font Format, TrueType, length 104280, version 331.34144
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bootstrap.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bootstrap.min[1].css
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\free-fa-solid-900[1].ttf
    TrueType Font data, 13 tables, 1st "FFTM", 28 names, Macintosh
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\free-fa-solid-900[1].eot
    Embedded OpenType (EOT), Font Awesome 5 Free Solid family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\free-fa-regular-400[1].eot
    Embedded OpenType (EOT), Font Awesome 5 Free Regular family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bootstrap.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\585b051251[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-3.2.1.slim.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\hover[1].css
    ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\album[1].css
    assembler source, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\F1N203EG\onedrive[1].dat
    data
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{46283B2E-1B1E-11EB-90E4-ECF4BB862DED}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3F3AD797-1B1E-11EB-90E4-ECF4BB862DED}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3F3AD795-1B1E-11EB-90E4-ECF4BB862DED}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
    ASCII text, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f855e08d-aec7-4816-a4c9-bdfb43c9cd10.tmp
    very short file (no magic)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\270ae0528ce28f93_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0b48746d2734b6a_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c4950d0815c21f68_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c3d256598d5af694_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c2189956b60b2ce5_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7ec0a48446c78dad_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6726d42dc28e6fb9_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6504a43514bd864a_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\60740d5c4047228f_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5e83b9cfa3f81ad1_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\56a246e5228caa4a_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d3a05e042f8193e_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\34ec1c4940ad2c8d_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4115b2c93fca474_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\23eebbe63fc6e140_0
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9aecba04-8325-43ee-84a7-8c0a9d61ec39.tmp
    UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\56e160c1-e721-467e-95b5-d36128ddd54b.tmp
    UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\49892d2d-1f42-43f7-a2e6-4d0da916c7ab.tmp
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3cc14ff3-3669-450d-ac3e-d1fe62b44ded.tmp
    UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\7d0aae3a-e43b-423a-8a50-658151ad6997.tmp
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\6ca40dd4-6078-4f9a-8011-d24cd5a7cb64.tmp
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\4f515718-8675-4568-b71e-c8fd966247d5.tmp
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\MANIFEST-000001
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.canva.com_0.indexeddb.leveldb\000001.dbtmp
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
    SQLite 3.x database, last written using SQLite version 3032001
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\48eaab73-db44-4fc3-9e7a-c875aa2fd776.tmp
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
    SQLite 3.x database, last written using SQLite version 3032001
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json
    ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
    ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
    data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eba1480a166263c9_0
    data
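
Of the dropped files, the three Internet Explorer Recovery entries carry more than their file type suggests. Their names are RFC 4122 version-1 UUIDs (the third group in each starts with 1), so the first three groups encode a 60-bit count of 100 ns intervals since 1582-10-15 and the last group a node identifier, normally the NIC MAC. Decoding them gives the guest clock time at which IE created each tab-recovery record, independent of file-system timestamps, which is useful when correlating the run with external logs. The "Microsoft Word Document" label the report gives these .dat files is the generic name libmagic uses for OLE compound files, the container format IE's recovery store shares with legacy Office files; it does not mean Office documents were dropped. The following Python is an added example written for this page, not part of the Joe Sandbox report; the three paths are copied from the list above and nothing here reads the files themselves.

```python
"""Decode the version-1 UUID timestamps in IE Recovery store file names.
Added example; paths constructed from the report's Dropped files list."""
import re
import uuid
from datetime import datetime, timedelta, timezone

# Copied from the report's Dropped files list.
RECOVERY_FILES = [
    r"C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{46283B2E-1B1E-11EB-90E4-ECF4BB862DED}.dat",
    r"C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3F3AD797-1B1E-11EB-90E4-ECF4BB862DED}.dat",
    r"C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3F3AD795-1B1E-11EB-90E4-ECF4BB862DED}.dat",
]

# RFC 4122: the version-1 time field counts 100 ns intervals from this epoch.
UUID_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)
UUID_RE = re.compile(r"\{([0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}")


def uuid_from_name(path):
    """Return the UUID embedded in a file name such as {GUID}.dat, or None."""
    m = UUID_RE.search(path)
    return uuid.UUID(m.group(1)) if m else None


def uuid1_time(u):
    """UTC creation time of a version-1 UUID (100 ns units -> microseconds)."""
    if u.version != 1:
        raise ValueError(f"{u} is not a version-1 UUID")
    return UUID_EPOCH + timedelta(microseconds=u.time // 10)


def uuid1_node(u):
    """The 48-bit node field formatted as a MAC address."""
    return ":".join(f"{(u.node >> s) & 0xFF:02x}" for s in range(40, -1, -8))


def decode_recovery_files(paths=RECOVERY_FILES):
    """(file name, creation time, node) per version-1 name, oldest first."""
    found = []
    for p in paths:
        u = uuid_from_name(p)
        if u is not None and u.version == 1:
            found.append((p.rsplit("\\", 1)[-1], u))
    # Sort on the raw 100 ns count: names created within the same
    # microsecond would otherwise collapse to equal datetimes.
    found.sort(key=lambda item: item[1].time)
    return [(name, uuid1_time(u), uuid1_node(u)) for name, u in found]


if __name__ == "__main__":
    for name, when, node in decode_recovery_files():
        print(f"{when.isoformat()}  {node}  {name}")
```

For this report the RecoveryStore record is created first, the second tab record follows within a microsecond, and the third about 11.6 seconds later, all from the same node. The decoded times fall on 2020-10-31 around 02:10 UTC, roughly eight hours after the analysis window in the header, so the guest clock was not synchronised with the submission clock; treat the difference as a per-sandbox offset before lining these records up with any external timeline.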