top title background image
flash

$108,459.00.html

Status: finished
Submission Time: 2021-04-10 13:01:26 +02:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    384937
  • API (Web) ID:
    671980
  • Analysis Started:
    2021-04-10 13:01:26 +02:00
  • Analysis Finished:
    2021-04-10 13:07:11 +02:00
  • MD5:
    244f3030958bcfe1db9bb77edd6ecaf3
  • SHA1:
    95ebb217144ec973ce3b9c0ebaa9b4fde83be41d
  • SHA256:
    fb2b7bf2039d05913895b5ec2ef8ea20ba02ebbc00e1596d7468074410525b2b
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 64
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 9/85
malicious

IPs

IP Country Detection
146.59.152.166
Norway
103.221.222.30
Viet Nam

Domains

Name IP Detection
mayhutsuahanoi.com
103.221.222.30
i.ibb.co
146.59.152.166

URLs

Name Detection
file:///C:/Users/user/Desktop/$108,459.00.html
https://cdshgvjs.ygto.com/leo/action.php
https://mayhutsuahanoi.com/wp-admin/images/bg.png
Click to see the 8 hidden entries
http://www.wikipedia.com/
http://www.amazon.com/
http://www.nytimes.com/
http://www.live.com/
http://www.reddit.com/
http://www.twitter.com/
http://www.youtube.com/
https://i.ibb.co/9nnrtWy/login02-popup.png

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTURjIg1_i6t8kCHKm45_aZA3gnD-A[1].woff
Web Open Font Format, TrueType, length 23276, version 1.1
#
C:\Users\user\AppData\Local\Temp\~DFC8580DDF3DAC5A07.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF7636CA86B2B9822B.TMP
data
#
Click to see the 22 hidden entries
C:\Users\user\AppData\Local\Temp\~DF5FEE7CA98A774557.TMP
data
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\css[1].css
ASCII text
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\JTURjIg1_i6t8kCHKm45_dJE3gnD-A[1].woff
Web Open Font Format, TrueType, length 23836, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\JTURjIg1_i6t8kCHKm45_ZpC3gnD-A[1].woff
Web Open Font Format, TrueType, length 23576, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTURjIg1_i6t8kCHKm45_bZF3gnD-A[1].woff
Web Open Font Format, TrueType, length 23628, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\JTUQjIg1_i6t8kCHKm45_QpRyS7g[1].woff
Web Open Font Format, TrueType, length 22500, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\login02-popup[1].png
PNG image data, 85 x 91, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\JTURjIg1_i6t8kCHKm45_cJD3gnD-A[1].woff
Web Open Font Format, TrueType, length 23256, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\JTURjIg1_i6t8kCHKm45_c5H3gnD-A[1].woff
Web Open Font Format, TrueType, length 23872, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTUSjIg1_i6t8kCHKm459WlhzQ[1].woff
Web Open Font Format, TrueType, length 23480, version 1.1
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A0169C33-9A37-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AA46E742-9A37-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A0169C35-9A37-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
#