Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://protect-au.mimecast.com/s/0cIYC2xZY3ho5XqGtgUIfa?domain=securemailcenter.citigroup.com

Status: finished
Submission Time: 2021-06-11 06:49:00 +02:00
Clean

Comments

Tags

Details

  • Analysis ID:
    433024
  • API (Web) ID:
    800628
  • Analysis Started:
    2021-06-11 06:49:01 +02:00
  • Analysis Finished:
    2021-06-11 06:52:57 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
clean
Score: 0
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
124.47.150.19
 Australia
192.193.154.4
 United States
3.17.15.199
 United States

Domains

Name IP Detection
alb-echoworx-v00-907380543.us-east-2.elb.amazonaws.com
 3.17.15.199
securemailcenter.citigroup.com
 192.193.154.4
protect-au.mimecast.com
 124.47.150.19
Click to see the 1 hidden entries
pr.ssm.echoworx.net
 0.0.0.0

URLs

Name Detection
http://yui.yahooapis.com/2.7.0/build/button/assets/skins/sam/split-button-arrow-active.png);
https://securemailcenter.citigroup.com/branding/citi/en_US/images/favicon.ico
http://yui.yahooapis.com/2.7.0/build/button/assets/skins/sam/split-button-arrow-focus.png);
Click to see the 15 hidden entries
http://yui.yahooapis.com/2.7.0/build/button/assets/skins/sam/menu-button-arrow.png);
http://yui.yahooapis.com/2.7.0/build/assets/skins/sam/sprite.png)
https://fontawesome.com/license/free
https://pr.ssm.echoworx.net/brand?act=download&enRoot
https://pr.ssm.echowor
https://fontawesome.comhttps://fontawesome.comFont
https://fontawesome.com
http://yui.yahooapis.com/2.7.0/build/button/assets/skins/sam/menu-button-arrow-disabled.png);
http://yui.yahooapis.com/2.7.0/build/button/assets/skins/sam/split-button-arrow.png);
http://yui.yahooapis.com/2.7.0/build/button/assets/skins/sam/split-button-arrow-hover.png);
http://yui.yahooapis.com/2.7.0/build/button/assets/skins/sam/split-button-arrow-disabled.png);
http://jqueryui.com
https://securemailcenter.citigroup.com/login.hRoot
https://securemailcenter.citigroup.com/branding/citi/en_US/images/favicon.ico~
http://developer.yahoo.net/yui/license.txt

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\brand[1].gif
 GIF image data, version 89a, 150 x 68
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\style_blue-62aab9b147a532d65ecd3031f51671a2[1].css
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\brand[1].css
 ASCII text, with CRLF line terminators
 #
Click to see the 37 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\brand[1].js
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\button-f601f344cd1fe72eb18eb9d46d2eaeae[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\emx.min-2cf685886a94f456479db5fbbe946265[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\jquery-ui.min-c15b1008dec3c8967ea657a7bb4baaec[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\jquery.min-dc5e7f18c8d36ac1d3d4753a87c98d0a[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\web_logo-6e1cb94279f139aac29029f22288696d[1].gif
 GIF image data, version 89a, 225 x 88
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\autocomplete-86435ad2c45f02f39e1514f9ade336ae[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\login[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\brand[1].htm
 HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\brand[2].gif
 GIF image data, version 89a, 15 x 16
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\brand[2].htm
 HTML document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\custom-0c2e751c8b7e800ef063b8af7d7ab037[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\enterprise-4ef20b6c3169ffa786832a9c1310290a[1].css
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\fa-regular-400-261d666b0147c6c5cda07265f98b8f8c[1].eot
 Embedded OpenType (EOT), Font Awesome 5 Free Regular family
 #
C:\Users\user\AppData\Local\Temp\~DF9D7E413ECA02EC73.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DFA46A22FA4A4C0DF7.TMP
 data
 #
C:\Users\user\AppData\Local\Temp\~DFFD565B6E1FBCC1BC.TMP
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery-ui.min-0b5729a931d113be34b6fac13bcf5b29[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E5BD9987-CABB-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EFE6561E-CABB-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\all.min-76cb46c10b6c0293433b371bae2414b2[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\brand[1].txt
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\brand[2].txt
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\citilogo_branding_60x35[1].png
 PNG image data, 60 x 35, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\container-ebcbb67d3e3830e928959eb68045e5c6[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\favicon[1].xml
 XML 1.0 document, ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E5BD9985-CABB-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery-ui.structure.min-5581d20aa5062ed5c0b6048f68e76055[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\bg[1].png
 PNG image data, 1 x 1207, 8-bit/color RGB, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\brand[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\brand[1].txt
 HTML document, ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\emx-617aee75668310c75d23aee0c3b39470[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\fa-solid-900-a0369ea57eb6d3843d6474c035111f29[1].eot
 Embedded OpenType (EOT), Font Awesome 5 Free Solid family
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\favicon[1].ico
 MS Windows icon resource - 5 icons, 16x16, 8 bits/pixel, 32x32, 8 bits/pixel
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\favicon[1].xml
 XML 1.0 document, ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\jquery-ui.theme.min-c12cac44216cf877fd0c6903f3794407[1].css
 ASCII text, with very long lines
 #