https://firebasestorage.googleapis.com/v0/b/kcdvdjv037jcdi0e3767933.appspot.com/o/!%7D%7B%24%23%40%5E%26%20jaf%40!__%7D%20.html?alt=media&token=08503d5e-c8e8-4a7c-b39c-8a3de4c0bf78#jason.maddern@navitas.com

Status: finished

Submission Time: 2021-04-08 02:54:26 +02:00

Malicious

Phishing

HTMLPhisher

Comments

Details

Analysis ID:
383614
API (Web) ID:
669371
Analysis Started:

2021-04-08 02:54:27 +02:00
Analysis Finished:

2021-04-08 02:58:05 +02:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 64	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP	Country	Detection
104.18.10.207	United States
239.255.255.250	Reserved
172.217.168.33	United States
Click to see the 2 hidden entries
52.217.76.78	United States
104.16.19.94	United States

Domains

Name	IP	Detection
stackpath.bootstrapcdn.com	104.18.10.207
s3.amazonaws.com	52.217.76.78
cdnjs.cloudflare.com	104.16.19.94
Click to see the 5 hidden entries
maxcdn.bootstrapcdn.com	104.18.10.207
googlehosted.l.googleusercontent.com	172.217.168.33
clients2.googleusercontent.com	0.0.0.0
code.jquery.com	0.0.0.0
cdn.jsdelivr.net	0.0.0.0

URLs

Name	Detection
https://dns.google
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
https://clients2.googleusercontent.com
Click to see the 6 hidden entries
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
https://code.jquery.com/jquery-3.2.1.slim.min.js
https://a.nel.cloudflare.com/report?s=xkpt82MHHMv3muDjCOwvAAgdJpt8uB5ERV7nx2Iz%2BKCgOGTBJFWZlxkLW2eh
https://feedback.googleusercontent.com
https://cdn.jsdelivr.net/npm/jquery.session

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG	ASCII text	#
C:\Users\user\AppData\Local\Temp\a6e301e5-1c0a-4f9d-a5f8-af8c8687511c.tmp	Google Chrome extension, version 3	#
C:\Users\user\AppData\Local\Temp\5fa42d40-5425-4bd5-913c-900563c92636.tmp	very short file (no magic)	#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Temp\00ba8e9f-836b-45f0-b357-7605248f5c36.tmp	Google Chrome extension, version 3	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004	MPEG-4 LOAS	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b1db336d-b13d-4990-9faf-16fb50bd979b.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a71e61e4-40a1-4c22-b65a-23f6de49f0b7.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	#
C:\Users\user\AppData\Local\Temp\ee97ac8e-f3b7-4694-ad38-27cac3985026.tmp	very short file (no magic)	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\191ba0ee-a227-4778-aa0f-376ebe1a9c61.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG	ASCII text	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\kn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\id\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\gu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fil\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fa\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\en\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\bn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ar\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\am\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\43d3f142-9db5-407e-9615-b4eab73bf2c0.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f8d798d069065fcb_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e47a33ac8e679b3a_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bc5a8aa50bf25355_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\75ea7cb2dc185fee_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\56aefa09742044bf_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3e29eaa8f606a452_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ff5ae1b-f9b3-4e3f-a917-fd60ed51fb99.tmp	very short file (no magic)	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\39ca5eea-0084-47b0-a549-5f4c8acb9dde.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\300c7021-d8b9-48a6-a74b-12782db4358e.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2c564247-f5bc-4b16-a954-c6f32975d65b.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1574577d-1303-4360-b2d2-7a001c227c51.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\68ece7bf-824a-44e5-a2cc-99f6b611d946.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\6380d18b-7640-4e6a-9d86-f1cc0c30b22e.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\3131b0ff-c790-4d91-b772-b2d4467228f9.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\0869d031-5cb1-4aa4-82f8-d9dea2ef6fa2.tmp	data	#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506	data	#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506	Microsoft Cabinet archive data, 58596 bytes, 1 file	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\268198b6-5f46-4002-a89a-35bece8dc8ab.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	#
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	#

https://firebasestorage.googleapis.com/v0/b/kcdvdjv037jcdi0e3767933.appspot.com/o/!%7D%7B%24%23%40%5E%26%20jaf%40!__%7D%20.html?alt=media&token=08503d5e-c8e8-4a7c-b39c-8a3de4c0bf78#jason.maddern@navitas.com

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

https://firebasestorage.googleapis.com/v0/b/kcdvdjv037jcdi0e3767933.appspot.com/o/!%7D%7B%24%23%40%5E%26%20jaf%40!__%7D%20.html?alt=media&token=08503d5e-c8e8-4a7c-b39c-8a3de4c0bf78#jason.maddern@navitas.com Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

https://firebasestorage.googleapis.com/v0/b/kcdvdjv037jcdi0e3767933.appspot.com/o/!%7D%7B%24%23%40%5E%26%20jaf%40!__%7D%20.html?alt=media&token=08503d5e-c8e8-4a7c-b39c-8a3de4c0bf78#jason.maddern@navitas.com