https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.ptcul.org%2fQUICKENLOANPayoffST.html&c=E,1,cZ4it7vUwwU40xP49hVIDZK5zOpWEgKMytxlbf_fzHhDG3IqiFWUNMvV6eqmKn6vwO6xqwRYpRL0NHQwJYVrLrUcxE9Wn2XjCcsSWt4750g-TU3V0KQw&typo=1

Status: finished
Submission Time: 2021-06-11 16:50:10 +02:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID: 433337
  • API (Web) ID: 800942
  • Analysis Started: 2021-06-11 16:50:38 +02:00
  • Analysis Finished: 2021-06-11 16:54:56 +02:00
  • Technologies:

Joe Sandbox

Detection: malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP / Country
52.58.148.216 / United States
103.205.64.138 / India

Domains

Name / IP
itmddn.com / 103.205.64.138
linkprotect.cudasvc.com / 52.58.148.216
ptcul.org / 103.205.64.138
www.ptcul.org / 0.0.0.0

URLs


Dropped files

Name / File Type

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\wap[1].htm
    PHP script, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F25EFFC0-CB0F-11EB-90E5-ECF4BB570DC9}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F25EFFC2-CB0F-11EB-90E5-ECF4BB570DC9}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FA426710-CB0F-11EB-90E5-ECF4BB570DC9}.dat
    Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\favicon[1].htm
    HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\QUICKENLOANPayoffST[1].htm
    HTML document, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\data[1].js
    ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\jquery-2.2.3.min[1].js
    ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\micro[1].svg
    SVG Scalable Vector Graphics image
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\background[1].png
    PNG image data, 1366 x 768, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\images[1].png
    PNG image data, 498 x 101, 8-bit colormap, non-interlaced
C:\Users\user\AppData\Local\Temp\~DF25C900E5007E33CB.TMP
    data
C:\Users\user\AppData\Local\Temp\~DF74B79FAF2663A557.TMP
    data
C:\Users\user\AppData\Local\Temp\~DFF88A7FA4C5DF9108.TMP
    data