BCJOphish040520219700.html

Status: finished
Submission Time: 04.05.2021 17:15:26
Malicious
Phishing
Evader
HTMLPhisher

Details

  • Analysis ID: 404066
  • API (Web) ID: 710291
  • Analysis Started: 04.05.2021 17:16:40
  • Analysis Finished: 04.05.2021 17:23:28
  • MD5: 724cbfa451d94bd57998a09c9956fcab
  • SHA1: d39571159adc5da02c99350b21a843a80b57233b
  • SHA256: 713e7b41006aea09ddf4786a43d386b8e6338555d47e97b4a2726af59956e167
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
76/100

IPs

IP               Country          Detection
104.18.11.207    United States
23.111.9.35      United States
104.16.18.94     United States

Domains

Name                                         IP               Detection
cs1100.wpc.omegacdn.net                      152.199.23.37
cdnjs.cloudflare.com                         104.16.18.94
maxcdn.bootstrapcdn.com                      104.18.11.207
fontawesome-cdn.fonticons.netdna-cdn.com     23.111.9.35
use.fontawesome.com                          0.0.0.0
code.jquery.com                              0.0.0.0
aadcdn.msftauth.net                          0.0.0.0

URLs

Name Detection
file:///C:/Users/user/Desktop/BCJOphish040520219700.html

Dropped files
