flash

https://app.box.com/s/f59992hq0o3230yh4ysvn4wry4ishg01

Status: finished
Submission Time: 13.01.2021 19:33:38
Classification: Malicious, Phishing, HTMLPhisher

Details

  • Analysis ID: 339276
  • API (Web) ID: 580473
  • Analysis Started: 13.01.2021 19:33:39
  • Analysis Finished: 13.01.2021 19:37:54

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious (score 60/100)

IPs


Domains


URLs


Dropped files
