Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

FaxGUO65DE.391343-Faa.html

Status: finished
Submission Time: 2021-09-15 08:54:48 +02:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    483553
  • API (Web) ID:
    851127
  • Analysis Started:
    2021-09-15 08:58:01 +02:00
  • Analysis Finished:
    2021-09-15 09:07:22 +02:00
  • MD5:
    e74427d75f8195d70ef9d05eea45dd0b
  • SHA1:
    15469949833a848f8a7e7129e821c2b6d9012988
  • SHA256:
    e224b02876690367e3a5116e03831c1cdd61d7dc16710ed830db0792477863d1
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 72
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
172.217.168.13
 United States
172.217.168.78
 United States
239.255.255.250
 Reserved
Click to see the 3 hidden entries
172.217.168.65
 United States
3.139.50.24
 United States
152.199.23.37
 United States

Domains

Name IP Detection
cs1100.wpc.omegacdn.net
 152.199.23.37
accounts.google.com
 172.217.168.13
clients.l.google.com
 172.217.168.78
Click to see the 10 hidden entries
googlehosted.l.googleusercontent.com
 172.217.168.65
clients2.googleusercontent.com
 0.0.0.0
passwordreset.microsoftonline.com
 0.0.0.0
clients2.google.com
 0.0.0.0
code.jquery.com
 0.0.0.0
aadcdn.msftauth.net
 0.0.0.0
aadcdn.msauth.net
 0.0.0.0
ajax.aspnetcdn.com
 0.0.0.0
wus.client.hip.live.com
 0.0.0.0
client.hip.live.com
 0.0.0.0

URLs

Name Detection
file:///C:/Users/user/Desktop/FaxGUO65DE.391343-Faa.html
https://passwordreset.microsoftonline.com/ScriptResource.axd?d=OUH-1awPDbalk0VCLValPdS0n633hJORT180q
https://passwordreset.microsoftonline.com/favicon.ico?v=1342177280
Click to see the 40 hidden entries
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
https://accounts.google.com
https://passwordreset.microsoftonline.com/
https://passwordreset.microsoftonline.com/WebResource.axd?d=K8SG-wKQphiVYLlIdWNflHCKk9laM7b9jg1MsaXM
https://support.google.com/chromecast/answer/2998456
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
https://clients2.googleusercontent.com
https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2frep
https://microsoftonline.com/
https://apis.google.com
https://microsoftonline.com/s
https://passwordreset.microsoftonline.com/js/Webtrends.js
https://passwordreset.microsoftonline.com/WebResource.axd?d=HAV6PjMKiAmtAvxBgE9JDGqR1xYgZB9pt2QBI2F1
https://www.google.com/
https://feedback.googleusercontent.com
https://passwordreset.microsoftonline.com/js/Captcha.js?v=1342177280
https://clients2.google.com
https://clients2.google.com/service/update2/crx
https://hangouts.google.com/
https://ogs.google.com
https://support.google.com/chromecast/troubleshooter/2995236
https://client.hip.live.com/GetHIP/GetWLSPHIP0/WLSPHIP0?fid=5af29bb735124016b144a3108fba72b2&id=2825
https://passwordreset.microsoftonline.com/js/Button.js?v=1342177280
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://payments.google.com/payments/v4/js/integrator.js
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
https://www.google.com;
https://passwordreset.microsoftonline.com/ScriptResource.axd?d=q5w5thCcfM-puGUfx2IvVvou0xwZRExIT95KU
https://ajax.aspnetcdn.com/
https://microsoftonline.com/J
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoy64
https://passwordreset.microsoftonline.com/ScriptResource.axd?d=dKkdrB5w_YByjM1hzQdaPGMZwL6KMOpdrP-i7
https://sandbox.google.com/payments/v4/js/integrator.js
http://3.139.50.24/prv.php?id=christina.young@faa.gov
https://passwordreset.microsoftonline.com/js/Common.js
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
https://www.google.com
https://dns.google

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
 SQLite 3.x database, last written using SQLite version 3032001
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.oldp (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session( (copy)
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldtm (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldTM (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.oldx (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesTM (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\* (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesTM (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences.. (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences* (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.olddc (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State.. (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\7c348050-2d5c-437e-a914-415767510c6e.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\90da9488-e67e-4eb7-861b-65f48eca1632.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\870c2d24-ae9f-4ebd-854a-0cba05b5dedd.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\53b15c1c-7171-40c7-a3fe-a8467e72c90b.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\51990ca1-7be6-400c-87c2-c482ebd79466.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\483b1d9b-da85-4d82-9ae6-e25f8be99284.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3f2aa66c-e283-43d2-830c-417921071345.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3448b131-1585-4bc5-acaf-e8f62fe85f6c.tmp
 very short file (no magic)
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\26ce1681-ac9d-4432-9f1b-c42a72d588ef.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\10535be4-215d-47cc-aea7-eb6653744a40.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\10487ee7-cb7e-4fda-a384-83e2bcf7e1f6.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\02230984-5b6d-46e7-aed0-0721f0fc197e.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\98abdd6c-8710-4220-b40c-9f5c55c2ab34.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\778dd0ac-bb12-470c-99f8-b7d671cbb905.tmp
 SysEx File -
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\6d6bb912-37f1-453e-b15c-4d274e234a89.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\6694995c-6a4b-447b-901f-a6d426d6beb3.tmp
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\618a14dc-1c30-474d-a655-b5784b44a2ab.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\5fbbffa2-c2e2-49b3-a90f-2f62dd009fe1.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\5d9b2c53-2541-48a1-9929-11239b2b42ec.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\38fef74a-64a2-4d7f-97d9-26348dacf9ac.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\32eb4732-7836-4268-9f1b-d53716bc3b7d.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\2f0173ec-c10c-45e6-a794-dd0eaa4e8f7b.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\2a341b4a-c8f3-4c2b-83aa-cb37ca5848f0.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\0ed2b603-f1e2-4a9f-b177-4467f8128c91.tmp
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\803cf0699cd0ec28_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexZ (copy)
 MIPSEB-LE ECOFF executable not stripped - version 0.0
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
 MIPSEB-LE ECOFF executable not stripped - version 0.0
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f12d30eb3faa08de_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e95e6990d8e3994c_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a64bbd896a35b6e4_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\949d2b57c43cbcd6_0
 data
 #
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\73f1d653d4203c94_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a73391f8ed26ca1_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\308e7fc8113abdbe_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\146d391f20a30dc6_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0dc5eef33ad111af_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\05711a550dadec40_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldB (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ae44842-f48f-4eaa-b892-6e51c6caa6d1.tmp
 ASCII text, with very long lines, with no line terminators
 #