
http://microsoftonlineofficeteam.weebly.com

Status: finished
Submission Time: 2020-11-20 19:45:31 +01:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    321294
  • API (Web) ID:
    544391
  • Analysis Started:
    2020-11-20 19:45:32 +01:00
  • Analysis Finished:
    2020-11-20 19:49:07 +01:00
  • Technologies:
    Joe Sandbox

Detection: malicious
Score: 52
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP / Country
35.158.107.63: United States
151.101.1.46: United States
35.163.165.143: United States
199.34.228.54: United States

Domains

Name / IP
pages-wildcard.weebly.com: 199.34.228.54
sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com: 35.163.165.143
weebly.map.fastly.net: 151.101.1.46
youronlinechoices.eu: 35.158.107.63
ec.editmysite.com: 0.0.0.0
www.youronlinechoices.eu: 0.0.0.0
microsoftonlineofficeteam.weebly.com: 0.0.0.0
cdn2.editmysite.com: 0.0.0.0

URLs


Dropped files

Name / File Type
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\OZpEg_xvsDZQL_LKIF7q4jP3zWj8[1].woff
Web Open Font Format, TrueType, length 47412, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\_style[1].css
ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\click-image_orig[1].png
PNG image data, 2809 x 427, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\css[1].css
ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\free-footer-v3[1].css
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\ga[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\hashslider[1].js
ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\hp-1[1].jpg
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 350x226, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery-1.7.1.min[1].js
HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\js[1].js
ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\office-logo_orig[1].png
PNG image data, 724 x 482, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\optout_testpage[1].js
ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\tiny_orig[1].png
PNG image data, 149 x 38, 8-bit/color RGB, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\INS6GHRP.htm
HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\OZpbg_xvsDZQL_LKIF7q4jP_eE3vfqne[1].woff
Web Open Font Format, TrueType, length 49732, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\YRETO7NA.htm
HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\css[1].css
ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\custom[1].js
ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery.min[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\va9X4lja2NVIDdIAAoMR5MfuElaRB0zMj_bTDXDoiw[1].woff
Web Open Font Format, TrueType, length 32856, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrfPXo[1].woff
Web Open Font Format, TrueType, length 31536, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\va9a4lja2NVIDdIAAoMR5MfuElaRB0zMh0P2Hg[1].woff
Web Open Font Format, TrueType, length 34136, version 1.1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\va9c4lja2NVIDdIAAoMR5MfuElaRB0zHt0k[1].woff
Web Open Font Format, TrueType, length 31580, version 1.1
C:\Users\user\AppData\Local\Temp\~DF6183A4918010BD9D.TMP
data
C:\Users\user\AppData\Local\Temp\~DF95679539DE16C271.TMP
data
C:\Users\user\AppData\Local\Temp\~DFAA861CDFA17B3544.TMP
data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\recaptcha__en[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1C4F9818-2BAC-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1C4F981A-2BAC-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{22594615-2BAC-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\_base[1].css
ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\api[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\bg[1].jpg
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x820, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\css[1].css
ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon[1].ico
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon[2].ico
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\main_style[1].css
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\plugins[1].js
ASCII text
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\EE99FI2K\microsoftonlineofficeteam.weebly[1].xml
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\snowday262[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\allbg[1].png
PNG image data, 800 x 600, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\fancybox[1].css
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\footer-toast-published-image-1[1].png
PNG image data, 199 x 97, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\footerSignup[1].js
ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\gdprscript[1].js
HTML document, ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\main-customer-accounts-site[1].js
UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\main[1].js
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\sites[1].css
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\social-icons[1].css
ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\stl[1].js
HTML document, UTF-8 Unicode text, with very long lines