top title background image
flash

https://architectchintanvirani.com/1/2support/index.php?email=mmaye4@uottawa.ca

Status: finished
Submission Time: 2021-02-22 20:55:37 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    356287
  • API (Web) ID:
    614557
  • Analysis Started:
    2021-02-22 20:55:37 +01:00
  • Analysis Finished:
    2021-02-22 20:59:00 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 64
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 6/79
malicious

IPs

IP Country Detection
35.214.201.112
United States
173.237.190.111
United States
104.129.25.9
United States
Click to see the 1 hidden entries
104.16.19.94
United States

Domains

Name IP Detection
www.politikesgeuseis.gr
35.214.201.112
openplaywcowuk.gb.net
104.129.25.9
cdnjs.cloudflare.com
104.16.19.94
Click to see the 6 hidden entries
architectchintanvirani.com
173.237.190.111
stackpath.bootstrapcdn.com
0.0.0.0
ka-f.fontawesome.com
0.0.0.0
code.jquery.com
0.0.0.0
kit.fontawesome.com
0.0.0.0
maxcdn.bootstrapcdn.com
0.0.0.0

URLs

Name Detection
https://www.politikesgeuseis.gr/cricl/oauth/site/service/demp.php?email=info@dell.com#
https://openplaywcowuk.gb.net/qwehbgfvdcfvtbgrvfecd/QXNpYQ==22-02-202107-56-25pm3803fe4e995ba53820d5309dd609ff4d2cc7b4d82702293091209e3ad38ed14aNHZVVml0czVCRkxRWmswVUVzPQ==UGFraXN0YW4=VUVzPQ==4vUVits5BFLQZk0/?Key=QXNpYQ==22-02-202107-56-25pm3803fe4e995ba53820d5309dd609ff4d2cc7b4d82702293091209e3ad38ed14aNHZVVml0czVCRkxRWmswVUVzPQ==UGFraXN0YW4=VUVzPQ==4vUVits5BFLQZk0&rand=13InboxLightaspxn_QXNpYQ==22-02-202107-56-25pm3803fe4e995ba53820d5309dd609ff4d2cc7b4d82702293091209e3ad38ed14aNHZVVml0czVCRkxRWmswVUVzPQ==UGFraXN0YW4=VUVzPQ==4vUVits5BFLQZk0_NHZVVml0czVCRkxRWmsw-&21613cde29049b3c91b62de76cfc8570a2e0ec37b8668ec5d246bab8a58db410#mmaye4@uottawa.ca
https://www.politikesgeuseis.gr/cricl/oauth/site/service/demp.php?email=info
Click to see the 28 hidden entries
https://fontawesome.com
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
https://kit.fontawesome.com/585b051251.js
http://opensource.org/licenses/MIT).
https://github.com/twbs/bootstrap/blob/master/LICENSE)
http://getbootstrap.com)
https://architectchintanvirani.com/1/2support/index.php?email=mmaye4
https://melissadatawde.ru/ghyjunhtbgvsadrbt18feb/next.php
https://openplaywcowuk.gb.net/qwehbgfvdcfvtbgrvfecd/?sicmalsnj3f3=83djnskjac4fr
https://getbootstrap.com)
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
https://github.com/twbs/bootstrap/graphs/contributors)
https://kit.fontawesome.com
https://openplaywcowuk.gb.net/qwehbgfvdcfvtbgrvfecd/?sicmalsnj3f3=83djnskjac4fr#mmaye4
http://fontawesome.io/license
https://fontawesome.com/license/free
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
https://code.jquery.com/jquery-3.3.1.js
https://fontawesome.comhttps://fontawesome.comFont
https://www.politikesg.gb.net/qwehbgfvdcfvtbgrvfecd/QXNpYQ==22-02-202107-56-25pm3803fe4e995ba53820d5
https://getbootstrap.com/)
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
https://openplaywcowuk.gb.net/qwehbgfvdcfvtbgrvfecd/QXNpYQ==22-02-202107-56-25pm3803fe4e995ba53820d5
https://code.jquery.com/jquery-3.1.1.min.js
https://code.jquery.com/jquery-3.2.1.slim.min.js
https://ka-f.fontawesome.com
https://openplaywcowukanvirani.com/1/2support/index.php?email=mmaye4
http://fontawesome.io

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\QXNpYQ==22-02-202107-56-25pm3803fe4e995ba53820d5309dd609ff4d2cc7b4d82702293091209e3ad38ed14aNHZVVml0czVCRkxRWmswVUVzPQ==UGFraXN0YW4=VUVzPQ==4vUVits5BFLQZk0[1].htm
HTML document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\popper.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Temp\~DFDD76AF591DFFF30C.TMP
data
#
Click to see the 28 hidden entries
C:\Users\user\AppData\Local\Temp\~DFD7E45C6E89F63922.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF5C6855DB7C39EC1D.TMP
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\mem5YaGs126MiZpBA-UN7rgOUuhv[1].woff
Web Open Font Format, TrueType, length 18900, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\free-fa-solid-900[1].eot
Embedded OpenType (EOT), Font Awesome 5 Free Solid family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\bootstrap.min[2].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\bootstrap.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\bootstrap.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\KFOlCnqEu92Fr1MmWUlfBBc-[1].woff
Web Open Font Format, TrueType, length 20356, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery-3.2.1.slim.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery-3.1.1.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\free-fa-regular-400[1].eot
Embedded OpenType (EOT), Font Awesome 5 Free Regular family
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\qwehbgfvdcfvtbgrvfecd[1].htm
HTML document, ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{78E9B5C6-7593-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\mem8YaGs126MiZpBA-UFVZ0d[1].woff
Web Open Font Format, TrueType, length 18100, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\font-awesome.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\favicons[1].png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\QXNpYQ==22-02-202107-56-25pm3803fe4e995ba53820d5309dd609ff4d2cc7b4d82702293091209e3ad38ed14aNHZVVml0czVCRkxRWmswVUVzPQ==UGFraXN0YW4=VUVzPQ==4vUVits5BFLQZk0[1].htm
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\KFOmCnqEu92Fr1Mu4mxM[1].woff
Web Open Font Format, TrueType, length 20268, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\free.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\free-v4-shims.min[1].css
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicons[1].png
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\585b051251[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
data
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7F62BA04-7593-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{78E9B5C8-7593-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#