top title background image
flash

http://huehiufkerfpvkm.craetivehc.com/x/ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVz

Status: finished
Submission Time: 2021-01-27 17:14:09 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    345082
  • API (Web) ID:
    592079
  • Analysis Started:
    2021-01-27 17:14:09 +01:00
  • Analysis Finished:
    2021-01-27 17:18:10 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 80
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP Country Detection
20.81.200.229
United States
40.84.135.214
United States
91.199.212.52
United Kingdom

Domains

Name IP Detection
docs-sharedourlooksecuredloging.onlinerslog.fit
40.84.135.214
crt.sectigo.com
91.199.212.52
huehiufkerfpvkm.craetivehc.com
20.81.200.229
Click to see the 1 hidden entries
zerossl.crt.sectigo.com
0.0.0.0

URLs

Name Detection
http://huehiufkerfpvkm.craetivehc.com/x/ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVzRoot
https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/home?MTYxMTc2NDEwODBhNTQ0ZjBlY2JkM2NmYjc4MjcyYTZlM2E2YmYwNjMwNmFhNDM5N2U0NzlhMDZiMDQ2ZGI5Y2RlMTIxMjZlZmZmMThlOGRkNQ==&data=ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVz&email=diego.ferreiro@wizink.es&MTYxMTc2NDEwOGExZTE4OGY1ZTFlNTA0ZjViN2NkMDRhNzdhODlhMWY1NzRkZDE3OGEwNTI3ZjA2N2E1NGU3OWM0ZDU0YjQ0MjQ1YTZiMjBlYQ==%3D
http://huehiufkerfpvkm.craetivehc.com/x/ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVz
Click to see the 7 hidden entries
https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/favicon.ico~(
https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/?diego.ferreiro
https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/home?MTYxMTc2NDEwODBhNTQ0ZjBlY2JkM2NmYjc4M
https://docs-sharedour.craetivehc.com/x/ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVzlooksecuredloging.onlinerslo
http://zerossl.crt.sectigo.com/ZeroSSLRSADomainSecureSiteCA.crt
https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/favicon.ico
https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/favicon.ico~

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\home[1].htm
HTML document, UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\favicon[1].ico
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
#
C:\Users\user\AppData\Local\Temp\~DFD27693C6AAB55A24.TMP
data
#
Click to see the 15 hidden entries
C:\Users\user\AppData\Local\Temp\~DF356D71385CE4B18E.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF12B82F2018A6403B.TMP
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\logo3[1].png
PNG image data, 342 x 72, 4-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\login[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\white_ellipsis[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\arrow[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\10BDC45B4A27319429BBC4F08A4E8A10
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVz[1].htm
HTML document, ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo2[1].svg
SVG Scalable Vector Graphics image
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\background[1].jpg
[TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], progressive, precision 8, 1920x1080, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4994EEBB-6106-11EB-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3F72F0F0-6106-11EB-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3F72F0EE-6106-11EB-90E5-ECF4BB570DC9}.dat
Microsoft Word Document
#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\10BDC45B4A27319429BBC4F08A4E8A10
data
#