https://app.box.com/s/ldmpej4bczs3ra2es3qlr0qrqifh99wc

Status: finished
Submission Time: 2021-04-09 19:39:24 +02:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    384773
  • API (Web) ID:
    671654
  • Analysis Started:
    2021-04-09 19:39:24 +02:00
  • Analysis Finished:
    2021-04-09 19:43:32 +02:00
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 72
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP               Country
185.235.236.200  Germany
185.235.236.197  Germany
185.235.236.201  Germany
198.54.125.84    United States

Domains

Name                                                IP
api.box.com                                         185.235.236.197
public.boxcloud.com                                 185.235.236.200
app.box.com                                         185.235.236.201
erffggf.cf                                          198.54.125.84
cdn01.boxcdn.net                                    0.0.0.0
955b0f04ec1842b79e6727b6d5210de0.svc.dynamics.com   0.0.0.0

URLs


Dropped files
