cremocompany-Invoice_216083-xlsx.html

Status: finished

Submission Time: 2021-01-13 18:14:14 +01:00

Malicious

Phishing

Evader

HTMLPhisher

Comments

Details

Analysis ID:
339241
API (Web) ID:
580403
Analysis Started:

2021-01-13 18:14:14 +01:00
Analysis Finished:

2021-01-13 18:21:33 +01:00
MD5:
1a47aae367d4ac2427943631bd4d08f5
SHA1:
87fc8341efabb13c8a33d6acb28bb6e5a5d23b54
SHA256:
9c7b05df9abde7ae8d91cfea08ca275132a6692bec1875aca9c49f1b74f766c9
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 56	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
145.239.131.51	France
51.91.224.95	France
91.207.103.145	Romania
Click to see the 4 hidden entries
216.239.38.21	United States
104.20.138.65	United States
5.189.183.184	Germany
104.16.19.94	United States

Domains

Name	IP	Detection
tinyurl.com	104.20.138.65
yourjavascript.com	5.189.183.184
cdnjs.cloudflare.com	104.16.19.94
Click to see the 7 hidden entries
uceniciifbi.ro	91.207.103.145
i.postimg.cc	51.91.224.95
svgur.com	216.239.38.21
i.ibb.co	145.239.131.51
code.jquery.com	0.0.0.0
www.iconj.com	0.0.0.0
maxcdn.bootstrapcdn.com	0.0.0.0

URLs

Name	Detection
file:///C:/Users/user/Desktop/cremocompany-Invoice_216083-xlsx.html
http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291
https://developer.mozilla.org/en/Security/CSP
Click to see the 33 hidden entries
http://yourjavascript.com/99821182021/5343434322.js
http://www.youtube.com/
http://getbootstrap.com)
https://github.com/twbs/bootstrap/blob/master/LICENSE)
http://www.wikipedia.com/
https://i.ibb.co/518rjZQ/Fotoram-io.jpg
http://www.live.com/
http://api.jquery.com/jQuery.browser
http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_(NS_ERROR_NOT_A
https://github.com/jquery/jquery/pull/764
https://bugzilla.mozilla.org/show_bug.cgi?id=491668
http://www.reddit.com/
http://javascript.nwbox.com/IEContentLoaded/
http://jquery.com/
http://yourjavascript.com/18210902102/7565654564.js
http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context
http://bugs.jquery.com/ticket/12359
http://jquery.org/license
http://perfectionkills.com/detecting-event-support-without-browser-sniffing/
http://json.org/json2.js
http://svgur.com/i/G6D.svg
https://bugzilla.mozilla.org/show_bug.cgi?id=649285
http://sizzlejs.com/
http://www.amazon.com/
http://www.nytimes.com/
http://www.twitter.com/
http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript
https://bugs.webkit.org/show_bug.cgi?id=29084
http://blindsignals.com/index.php/2009/07/jquery-delay/
http://bugs.jquery.com/ticket/12282#comment:15
https://developer.mozilla.org/en-US/docs/CSS/display
http://dev.w3.org/csswg/cssom/#resolved-values
http://i.postimg.cc/vHgYSJgT/arrow.jpg

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\5343434322[1].js	ASCII text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\7565654564[1].js	ASCII text, with very long lines, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\arrow[1].jpg	[TIFF image data, big-endian, direntries=4], baseline, precision 8, 29x32, frames 3	#
Click to see the 24 hidden entries
C:\Users\user\AppData\Local\Temp\~DF9B8C62206A21CFC2.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF8B5138716A0631E4.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF07F4302587011DD4.TMP	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\arrow[1].htm	HTML document, ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\0009098lm[1].css	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bootstrap.min[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\G6D[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery-1.8.2[1].js	UTF-8 Unicode text	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\00[1].png	PNG image data, 1920 x 1039, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\off[1].png	PNG image data, 994 x 356, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4FDAFE63-560E-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\87875434-878676zxxzx[1].css	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4FDAFE66-560E-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4FDAFE65-560E-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	#

cremocompany-Invoice_216083-xlsx.html

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

cremocompany-Invoice_216083-xlsx.html Options

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Search started

cremocompany-Invoice_216083-xlsx.html