Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202105211549092505692&URLID=1&ESV=10.0.9.5707&IV=E883A8665494D69666E51654A2A39188&TT=1621612156493&ESN=z1jnIrTVkkYn09KxCUei6Eq2cavioNPQClHgLUOR8BA%3D&KV=1536961729279&ENCODED_URL=http%3A%2F%2Feviromentalachforcovid.org%2F&HK=E4B2C7C59B7CB793F04CB2C26C1B812F608F409CE43CADC4C3A0B63CE2F36A29

Status: finished
Submission Time: 2021-05-21 18:08:15 +02:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    419819
  • API (Web) ID:
    787427
  • Analysis Started:
    2021-05-21 18:10:47 +02:00
  • Analysis Finished:
    2021-05-21 18:15:28 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 68
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP Country Detection
4.16.47.153
 United States
199.34.228.73
 United States
151.101.1.46
 United States
Click to see the 5 hidden entries
163.68.118.49
 France
192.229.221.185
 United States
52.11.37.142
 United States
152.199.23.37
 United States
104.16.18.94
 United States

Domains

Name IP Detection
www.eviromentalachforcovid.org
 199.34.228.73
cs1100.wpc.omegacdn.net
 152.199.23.37
eviromentalachforcovid.org
 199.34.228.73
Click to see the 12 hidden entries
sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com
 52.11.37.142
cdnjs.cloudflare.com
 104.16.18.94
weebly.map.fastly.net
 151.101.1.46
cs1227.wpc.alphacdn.net
 192.229.221.185
s3.jp-osa.cloud-object-storage.appdomain.cloud
 163.68.118.49
es.sonicurlprotection-sjl.com
 4.16.47.153
logincdn.msauth.net
 0.0.0.0
ec.editmysite.com
 0.0.0.0
code.jquery.com
 0.0.0.0
cdn2.editmysite.com
 0.0.0.0
aadcdn.msftauth.net
 0.0.0.0
www0utl00koffice365comcginewloginapp.s3.jp-osa.cloud-object-storage.appdomain.cloud
 0.0.0.0

URLs

Name Detection
https://www0utl00koffice365comcginewloginapp.s3.jp-osa.cloud-object-storage.appdomain.cloud/______portlander_iwcbew29763869929_92727297_nunueun.html
https://www.eviromentalachforcovid.org/
http://eviromentalachforcovid.org/
Click to see the 23 hidden entries
https://www.eviromentalachforcovid.org/favicon.ico
https://www.eviromentalachforcovid.org/p
https://www.eviromentalachforcovid.org/"
http://blog.alexmaccaw.com/css-transitions
https://github.com/twbs/bootstrap/blob/master/LICENSE)
http://www.eviromentalachforcovid.org/
https://stats.g.doubleclick.net/j/collect?
https://www0utl00koffilachforcovid.org/p
https://www.eviromentalachforcovid.org/uploads/1/3/7/7/137716034/editor/po99839393-converted-1.jpg?1
https://www.google.%/ads/ga-audiences?
http://fontawesome.io
http://fontawesome.io/license
https://www.eviromentalachforcovid.org/Root
http://getbootstrap.com/javascript/#carousel
https://www.eviromentalachforcovid.org/
http://getbootstrap.com/javascript/#transitions
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
https://www0utl00koffice365comcginewloginapp.s3.jp-osa.cloud-object-storage.appdomain.cloud/______po
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
http://hammerjs.github.io/
http://www.modernizr.com/)
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
https://twitter.com/jacobrossi/status/480596438489890816

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\______portlander_iwcbew29763869929_92727297_nunueun[1].htm
 HTML document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\fancybox[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\53JLL48S.htm
 HTML document, ASCII text
 #
Click to see the 49 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\S6u8w4BMUTPHjxsAUi-s[1].woff
 Web Open Font Format, TrueType, length 32220, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\S6u9w4BMUTPHh7USSwaPHw[1].woff
 Web Open Font Format, TrueType, length 32196, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\S6uyw4BMUTPHjxAwWA[1].woff
 Web Open Font Format, TrueType, length 30924, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\documentation_bcb4d1dc4eae64f0b2b2538209d8435a[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\main[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\picker_more_7568a43cf440757c55d2e7f51557ae1f[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\social-icons[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\stl[1].js
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\custom[1].js
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\theme-plugins[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\favicon[1].ico
 MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico
 MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\font-awesome[1].css
 troff or preprocessor input, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\picker_account_aad_9de70d1c5191d1852a0d5aac28b44a6c[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\plugins[1].js
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\po99839393-converted-1[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 882x882, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\signin-options_4e48046ce74f4b89d45037c90576bfac[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\sites[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Temp\~DF133F3DCA620240FD.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF80F2FF650A7D1B50.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DF9AA72A39F48EB3C9.TMP
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\css[3].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A615DFFF-BA9A-11EB-90E6-ECF4BB82F7E0}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A615E001-BA9A-11EB-90E6-ECF4BB82F7E0}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AE3D0DAC-BA9A-11EB-90E6-ECF4BB82F7E0}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\po60zt0\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\JTURjIg1_i6t8kCHKm45_dJE3gfD-A[1].woff
 Web Open Font Format, TrueType, length 36596, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\JTUSjIg1_i6t8kCHKm459WdhzQ[1].woff
 Web Open Font Format, TrueType, length 36476, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\PIY6B33K.htm
 HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\S6u9w4BMUTPHh6UVSwaPHw[1].woff
 Web Open Font Format, TrueType, length 30356, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\S6u_w4BMUTPHjxsI5wq_FQfr[1].woff
 Web Open Font Format, TrueType, length 32564, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\S6u_w4BMUTPHjxsI9w2_FQfr[1].woff
 Web Open Font Format, TrueType, length 24056, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\css[2].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\T8DRMTJ1\www.eviromentalachforcovid[1].xml
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\jquery.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\snowday262[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\2_bc3d32a696895f78c19df6c717586a5d[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\ellipsis_635a63d500a92a0b8497cdc58d0f66b1[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\ga[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\jquery-3.1.1.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\main-customer-accounts-site[1].js
 UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\main_style[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\picker_account_add_56e73414003cdb676008ff7857343074[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\templateArtifacts[1].js
 exported SGML document, ASCII text, with very long lines
 #