
https://lhklzbenyc.objects-us-east-1.dream.io/liinkk.html#qs=r-abacacfekhccacaeikheababacafeadbfaccagjdacjekaibfgjacb

Status: finished
Submission Time: 2020-11-26 00:15:27 +01:00
Malicious
Phishing
Phisher

Details

  • Analysis ID: 322846
  • API (Web) ID: 547475
  • Analysis Started: 2020-11-26 00:15:28 +01:00
  • Analysis Finished: 2020-11-26 00:18:09 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 48
Error: Incomplete analysis, please check the report for detailed error information
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
111.90.140.95 Malaysia
51.15.153.186 France
208.113.201.33 United States

Domains

Name IP Detection
objects-us-east-1.dream.io 208.113.201.33
luckyxguy.com 111.90.140.95
gizmoskiff.com 51.15.153.186
lhklzbenyc.objects-us-east-1.dream.io 0.0.0.0

URLs

Name Detection
https://luckyxguy.com/0/0/0/12b675ea62affcf4faac04f5d20e8bdd/37963_1_11/0_1_0_0_1_1439611_43_1839_70
https://luckyxguy.com/
https://lhklzbenyc.objects-us-east-1.dream.io/liinkk.html#qs=r-abacacfekhccacaeikheababacafeadbfacca
http://gizmoskiff.com/qs=r-abacacfekhccacaeikheababacafeadbfaccagjdacjekaibfgjacb
https://lhklzbenyc.obj
http://gizmoskiff.com/
https://lhklzbenyc.objects-us-east-1.dream.io/liinkk.html

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\liinkk[1].htm
  HTML document, ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A6FA38B3-2FBF-11EB-90E4-ECF4BB862DED}.dat
  Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A6FA38B5-2FBF-11EB-90E4-ECF4BB862DED}.dat
  Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AD7A6107-2FBF-11EB-90E4-ECF4BB862DED}.dat
  Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\http_403[1]
  HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\info_48[1]
  PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\background_gradient[1]
  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\httpErrorPagesScripts[1]
  UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\ErrorPageTemplate[1]
  UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bullet[1]
  PNG image data, 15 x 15, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\down[1]
  PNG image data, 15 x 15, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\errorPageStrings[1]
  UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Temp\~DF2F607BA7733F9ACF.TMP
  data
C:\Users\user\AppData\Local\Temp\~DF55A80DF302D01A96.TMP
  data
C:\Users\user\AppData\Local\Temp\~DFB7E7B6F16E3436F0.TMP
  data