https://ww-agf.primside.ga/YW5keS5rb2NoYXJAYWdmLmNvbQ==

Status: finished
Submission Time: 2021-01-27 15:12:05 +01:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID: 344972
  • API (Web) ID: 591864
  • Analysis Started: 2021-01-27 15:12:05 +01:00
  • Analysis Finished: 2021-01-27 15:19:19 +01:00
  • Technologies:

Joe Sandbox

Engine Detection Info
malicious
Score: 72
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs


Domains


URLs


Dropped files
