https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7m

Status: finished

Submission Time: 2021-01-13 21:52:16 +01:00

Malicious

Phishing

HTMLPhisher

Comments

Details

Analysis ID:
339375
API (Web) ID:
580680
Analysis Started:

2021-01-13 21:53:38 +01:00
Analysis Finished:

2021-01-13 21:58:56 +01:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 60	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP	Country	Detection
185.235.236.200	Germany
185.235.236.197	Germany
185.235.236.201	Germany
Click to see the 3 hidden entries
152.199.23.37	United States
104.16.18.94	United States
162.219.248.247	United States

Domains

Name	IP	Detection
cs1100.wpc.omegacdn.net	152.199.23.37
api.box.com	185.235.236.197
public.boxcloud.com	185.235.236.200
Click to see the 6 hidden entries
cdnjs.cloudflare.com	104.16.18.94
app.box.com	185.235.236.201
costa-rica-infos.com	162.219.248.247
code.jquery.com	0.0.0.0
aadcdn.msftauth.net	0.0.0.0
cdn01.boxcdn.net	0.0.0.0

URLs

Name	Detection
https://costa-rica-infos.com/Debbie/Ortiz/
https://costa-rica-infos.com/Debbie/Ortiz/#q7ectaev7m
https://github.com/derek-watson/jsUri
Click to see the 69 hidden entries
https://feross.org
https://app.box.c
http://blog.stevenlevithan.com/archives/parseuri
https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7mRoot
https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_add_56e73414003cdb676008ff7857343
http://fontawesome.io/license
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.s
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)
https://raincrosspub.com/Debbie/Ortiz/)
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
https://app.box.cos.com/Debbie/Ortiz/#q7ectaev7mRoot
https://app.box.cRoot
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-16x16-_kQSW4.png
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png
https://code.jquery.com/jquery-3.1.1.min.js
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-120x120-K-u4U5.png
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_grey_5bc252567ef56db648207d9c36a9d004.p
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-180x180-tV001c.png
http://www.box.com)
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png
https://cdn01.boxcdn.net/_assets/img/favicons/mstile-144x144-pllCM8.png
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff)
https://costa-ricsta-rica-infos.com/Debbie/Ortiz/
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-woff.css
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-32x32-brwW_W.png
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-96x96-TOQ9Kg.png
http://rock.mit-license.org
https://costa-rica-infos.com/Debbie/Ortiz/)
https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-114x114-busq-D.png
https://support.box.com
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png
https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7m
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png
https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7meqit09n816yvtnxs1iqirsq7ectaev7mRoot
https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7m
https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7mXT.B.
https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_aad_9de70d1c5191d1852a0d5aac28b44
https://costa-rica-infos.com/Debbie/Ortiz/q7ectaev7m
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2)
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2)
https://aadcdn.msftauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.s
https://app.box.cos.com/Debbie/Ortiz/q7ectaev7mRoot
https://app.box.ca-infos.com/Debbie/Ortiz/$Sign
https://github.com/zloirock/core-js
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-EHWWyP.ico
https://aadcdn.msftauth.net/ests/2.1/content/images/picker_more_7568a43cf440757c55d2e7f51557ae1f.svg
https://cdn01.boxcdn.net/_assets/img/favicons/android-chrome-192x192-96i97M.png
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-152x152-r5tWgh.png
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-96x96-XU7UE1.png
https://cdn01.boxcdn.net/_assets/img/favicons/safari-pinned-tab-jyt2W4.svg
https://aadcdn.msftauth.net/ests/2.1/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
http://jedwatson.github.io/classnames
https://costa-rica-infos.com/Debbie/Ortiz/
http://fontawesome.io
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_96f69d0cefd8a8ba623a182c351ccc64.png
https://cdn01.boxcdn.net/enduser/app.8f4ad58129.css
https://costa-rica-infos.com/Debbie/Ortiz/$Sign
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-16x16-Ou5N87.png
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-144x144-va9pYs.png

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\Ortiz[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\vendors~app.ad1b5c324e[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\preview[1].css	ASCII text, with very long lines	#
Click to see the 68 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\preview-components~shared-file.ff88431f84[1].css	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\messagecenter~preview-components~uploads-manager-enduser.4c14b7f15f[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\loading[1].gif	GIF image data, version 89a, 30 x 30	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\jquery-3.1.1.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\favicon-32x32-VwW37b[1].png	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\exif.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\content-sidebar.a7013a9589[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\shared-file.9493eefcb7[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\runtime.1abde09726[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\pdf.worker.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\lang-en-US.e38312dc59[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5f597[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\eqit09n816yvtnxs1iqirsq7ectaev7m[1].htm	HTML document, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\ellipsis_635a63d500a92a0b8497cdc58d0f66b1[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Temp\datDB4D.tmp	OpenType font data	#
C:\Users\user\AppData\Local\Temp\~DFF6C89A18730061FE.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF957A63CC4223DA9F.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF8555B65C2B7E7125.TMP	data	#
C:\Users\user\AppData\Local\Temp\datE100.tmp	OpenType font data	#
C:\Users\user\AppData\Local\Temp\datDBFD.tmp	TrueType Font data, 13 tables, 1st "OS/2", 20 names, Macintosh, Original licenceOpenSans-BoldUnknownuniqueIDOpenSans-BoldVersion 0.11UnknownUnknownUnknown	#
C:\Users\user\AppData\Local\Temp\datDBDD.tmp	TrueType Font data, 13 tables, 1st "OS/2", 20 names, Macintosh, Original licenceOpenSans-LightUnknownuniqueIDOpenSans-LightVersion 0.11UnknownUnknownUnknown	#
C:\Users\user\AppData\Local\Temp\datDBCC.tmp	OpenType font data	#
C:\Users\user\AppData\Local\Temp\datDBAC.tmp	TrueType Font data, 13 tables, 1st "OS/2", 20 names, Macintosh, Original licenceOpenSans-RegularUnknownuniqueIDOpenSans-RegularVersion 0.11UnknownUnknownUnknow	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\app.8f4ad58129[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Temp\datD6C8.tmp	OpenType font data	#
C:\Users\user\AppData\Local\Temp\datD669.tmp	OpenType font data	#
C:\Users\user\AppData\Local\Temp\datD5BD.tmp	OpenType font data	#
C:\Users\user\AppData\Local\Temp\datD57D.tmp	OpenType font data	#
C:\Users\user\AppData\Local\Temp\datB11C.tmp	Web Open Font Format (Version 2), TrueType, length 84396, version 2.983	#
C:\Users\user\AppData\Local\Temp\datB0DC.tmp	Web Open Font Format, TrueType, length 119132, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\uploads-manager-enduser.41330e25db[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico	MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\53_8b36337037cff88c3df203bb73d58e41[1].png	PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\2_bc3d32a696895f78c19df6c717586a5d[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\shared-file.eeb97be84f[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\promise[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\preview-components~shared-file.036fa94865[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\pdf_viewer.min[1].css	assembler source, ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\messagecenter~preview-components~uploads-manager-enduser.23ae1c6583[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\font-awesome[1].css	troff or preprocessor input, ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\core.min[1].js	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\content[1].jpg	[TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=1], baseline, precision 8, 724x1024, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\as-security~change-current-user-role-modal~collaborators~collection-detail-page~content-explorer-mod~244fdb54.62c4dbb45d[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\Lato-Regular[1].woff	Web Open Font Format, TrueType, length 119132, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\Lato-Bold[1].woff	Web Open Font Format, TrueType, length 118272, version 1.0	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\po60zt0\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FE4053F8-562C-11EB-90E6-ECF4BB82F7E0}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F6FBA45E-562C-11EB-90E6-ECF4BB82F7E0}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F6FBA45C-562C-11EB-90E6-ECF4BB82F7E0}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\picker_more_7568a43cf440757c55d2e7f51557ae1f[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\T8DRMTJ1\app.box[1].xml	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\app.3caae0bb80[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\T.B.%20Penick%20&%20Sons,%20Inc[1].pdf	PDF document, version 1.6	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\Lato-woff[1].css	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\uploads-manager-enduser.47cb9896f5[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\preview[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\preview-components.b6077e4fab[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\preview-components.04034d91d5[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\content-sidebar.d7d089246d[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\picker_account_add_56e73414003cdb676008ff7857343074[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\picker_account_aad_9de70d1c5191d1852a0d5aac28b44a6c[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\pdf_viewer.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\pdf.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd[1].svg	SVG Scalable Vector Graphics image	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\messagecenter~uploads-manager-enduser.e83b2dda31[1].js	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\intersection-observer[1].js	ASCII text, with very long lines, with no line terminators	#

https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7m

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7m Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

https://app.box.com/s/eqit09n816yvtnxs1iqirsq7ectaev7m