Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://online.pubhtml5.com/whlz/taka/

Status: finished
Submission Time: 2021-02-25 21:07:48 +01:00
Malicious

Comments

Tags

Details

  • Analysis ID:
    358569
  • API (Web) ID:
    619144
  • Analysis Started:
    2021-02-25 21:07:48 +01:00
  • Analysis Finished:
    2021-02-25 21:11:56 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP Country Detection
31.13.92.14
 Ireland
13.227.156.43
 United States
13.224.94.26
 United States

Domains

Name IP Detection
scontent.xx.fbcdn.net
 31.13.92.14
d3rhwgcb75mtkj.cloudfront.net
 13.227.156.43
d1cox3gain5yl8.cloudfront.net
 13.224.94.26
Click to see the 3 hidden entries
connect.facebook.net
 0.0.0.0
static.pubhtml5.com
 0.0.0.0
online.pubhtml5.com
 0.0.0.0

URLs

Name Detection
https://twitter.com/intent/tweet?url=
http://www.addthis.com/bookmark.php?v=300&url=
http://digg.com/submit?url=
Click to see the 17 hidden entries
https://online.pubhtml5.com/whlz/taka/#p=1
https://online.pubhtml5.com/whlz/taka/
https://mail.qq.com/
https://online.pubhtml5.com/whlz/taka/#p=1
http://reddit.com/submit?url=
http://www.linkedin.com/shareArticle?url=
http://www.fliphtml5.com
https://player.vimeo.com/api/player.js
https://curepumpiones.com/foldersss
https://hm.baidu.com/hm.js?
https://online.pubhtml5.com/whlz/taka/Root
https://online.pubhtml5.com/whlz/taka/#p=1Root
https://online.pubhtml5.com/favicon.ico~
http://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=
http://www.paypal.com/cgi-bin/webscr?cmd=_cart&upload=1
https://online.pubhtml5.com/whlz/taka/files/shot.jpg
https://www.internalfb.com/intern/invariant/

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\player[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\visitinfo[1].js
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\catalog_firstButton[1].png
 PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
 #
Click to see the 30 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\catalog_lastButton[1].png
 PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\config[1].js
 ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\flipHtml5.hiSlider2.min[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\slide_leftButton[1].png
 PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\favicon[1].ico
 MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\loading[1].gif
 GIF image data, version 89a, 24 x 24
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\slide_rightButton[1].png
 PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\sdk[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\sdk[2].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\taka[1].htm
 HTML document, ASCII text, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\visitinfo[1].js
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Temp\~DF25960FAA17C283EF.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF8D688095D3D83F40.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DFEBD97EC9ADA788CD.TMP
 data
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\EQAWN5DV\online.pubhtml5[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\phoneTemplate[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\main[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\getuserinfo[1].js
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\book_config[1].js
 UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\1[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1391x1800, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\template[1].css
 UTF-8 Unicode (with BOM) text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\style[1].css
 UTF-8 Unicode (with BOM) text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\slideJS[1].js
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\jquery-1.9.1.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\hiSlider2.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\LoadingJS[1].js
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B38574C4-77F0-11EB-90E5-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ACE24E76-77F0-11EB-90E5-ECF4BB2D2496}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{ACE24E74-77F0-11EB-90E5-ECF4BB2D2496}.dat
 Microsoft Word Document
 #