FAX-MESSAGE201636576736375362.hTMl

Status: finished
Submission Time: 2021-02-22 19:41:52 +01:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    356226
  • API (Web) ID:
    614433
  • Analysis Started:
    2021-02-22 19:41:52 +01:00
  • Analysis Finished:
    2021-02-22 19:49:07 +01:00
  • MD5:
    9c0f59a8ec93478511d689bfb7d9a74a
  • SHA1:
    f35fc0edde9dbe0a9887e947fba8b95c2fad719c
  • SHA256:
    59c6ccf88f60e9255e6886bf2865c45795e97a61bf135f2e125537540c7c71b2
  • Technologies:

Joe Sandbox

Engine: Joe Sandbox
Detection: malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP               Country         Detection
204.93.216.87    United States
152.199.23.37    United States
104.16.18.94     United States

Domains

Name                        IP               Detection
cs1100.wpc.omegacdn.net     152.199.23.37
cdnjs.cloudflare.com        104.16.18.94
manmedia.org                204.93.216.87

URLs

Name                                                                                                   Detection
file:///C:/Users/user/Desktop/FAX-MESSAGE201636576736375362.hTMl
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-pd-rbmzbvqe7c-fjbigunke9t2gf5jszgqrgsatxfkk/log
https://manmedia.org/offic/n.page/jqueryLib.js

Dropped files

Name / File Type / Detection

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\jquery-3.3.1.min[1].js
    ASCII text, with very long lines

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\17-f90ef1[1].js
    ASCII text, with very long lines

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\2_bc3d32a696895f78c19df6c717586a5d[1].svg
    SVG Scalable Vector Graphics image