
https://pro-bee-beepro-messages.s3.amazonaws.com/643069/625197/1218256/5967655.html

Status: finished
Submission Time: 2021-03-05 20:20:02 +01:00
Malicious
Phishing
Trojan
HTMLPhisher

Details

  • Analysis ID:
    364079
  • API (Web) ID:
    630218
  • Analysis Started:
    2021-03-05 20:20:03 +01:00
  • Analysis Finished:
    2021-03-05 20:27:01 +01:00
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 68
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection

Dropped files

Name File Type Hashes Detection