flash

https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i

Status: finished
Submission Time: 15.09.2021 11:24:40
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    483675
  • API (Web) ID:
    851250
  • Analysis Started:
    15.09.2021 11:24:41
  • Analysis Finished:
    15.09.2021 11:31:50
  • Technologies:

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

Verdict: malicious
Score: 64/100
Classification: malicious

IPs

IP | Country | Detection
52.105.226.27 | United States |
172.217.168.65 | United States |
172.217.168.13 | United States |
172.217.168.78 | United States |
239.255.255.250 | Reserved |
192.185.177.233 | United States |
40.90.128.17 | United States |
216.58.212.163 | United States |

Domains

Name | IP | Detection
grudigital.com.br | 192.185.177.233 |
gstaticadssl.l.google.com | 216.58.212.163 |
i-dub01p-cor001.api.p001.1drv.com | 40.90.128.17 |
accounts.google.com | 172.217.168.13 |
196000-ipv4.farm.dprodmgd106.aa-rt.sharepoint.com | 52.105.226.27 |
clients.l.google.com | 172.217.168.78 |
googlehosted.l.googleusercontent.com | 172.217.168.65 |
clients2.googleusercontent.com | 0.0.0.0 |
clients2.google.com | 0.0.0.0 |
onenoteonlinesync.onenote.com | 0.0.0.0 |
messaging.office.com | 0.0.0.0 |
amcdn.msftauth.net | 0.0.0.0 |
www.onenote.com | 0.0.0.0 |
aabsi-my.sharepoint.com | 0.0.0.0 |
storage.live.com | 0.0.0.0 |
ajax.aspnetcdn.com | 0.0.0.0 |

URLs

Name | Detection
https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?rtime=vzr5yip42Ug
https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc={42ee999d-a1c5-4e61-a417-0bf2147c1468}&action=view&wd=target%28Van%20Wijnen%20Groep.one%7Cb783389e-3e4b-4814-8143-833c15ff1f84%2FVan%20Wijnen%20Groep%7C871fc38f-fac1-41b4-912a-fc211c24c4f2%2F%29
https://payments.google.com/payments/v4/js/integrator.js
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
https://www.google.com;
https://apc01.safelinks.protection.outlook.com/GetUrlReputation
https://hangouts.google.com/
https://live.com/A
https://live.com/JF%
https://onenote.com/:
https://www.onenote.com
https://aabsi-my.sharepoint.com
https://grudigital.com.br/xil/vew/latest/one/files/css.css
https://grudigital.com.br/
https://www.onenote.com/
https://live.com/r
https://onenote.com/
https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906
https://grudigital.com.br/xil/vew/latest/one/files/pdf.png
https://sharepoint.com/.
https://live.com/3Bd
https://grudigital.com.br/xil/vew/latest/one/#
https://live.com/~
https://support.google.com/chromecast/answer/2998456
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=%7B42ee999d-a1c5-4e61-a417-0bf2147c1468%7D&action=default&slrid=39afef9f-a044-0000-bb8a-3a5fb92c10ce&originalPath=aHR0cHM6Ly9hYWJzaS1teS5zaGFyZXBvaW50LmNvbS86bzovZy9wZXJzb25hbC9mcnVlbGRhX2FtX2FjbW90b3JzX2NvbV9waC9FcDJaN2tMRm9XRk9wQmNMOGhSOEZHZ0JIWGtzQndtMUdJTVpaR0UyOGxicm5RP3J0aW1lPXZ6cjV5aXA0MlVn&cid=dee58779-8263-48d9-84ec-030f00145d89
https://live.com/a
https://clients2.googleusercontent.com
https://apc01.oscs.protection.outlook.com/api/SafeLinksApi/
https://live.com/e
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=
https://live.com/&Hd
https://live.com/i
https://www.google.com/
https://feedback.googleusercontent.com
https://grudigital.com.br/xil/vew/latest/one/files/logo.png
https://clients2.google.com/service/update2/crx
https://grudigital.com.br/xil/vew/latest/
https://grudigital.com.br/xil/vew/latestOneDrive/
https://aabsi-my.sharepoint.com/
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=%
https://live.com/%V
https://live.com/?&$
https://play.google.com
https://sharepoint.com/
https://spo.nel.measure.office.net/api/report?tenantId=b13af70b-cd66-4d49-98bd-a5233142e452&destinat
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
https://sandbox.google.com/payments/v4/js/integrator.js
https://onenote.com/v
https://grudigital.com.br/favicon.ico
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
https://grudigital.com.br/xil/vew/latestOneDrive
https://www.google.com
https://www.onenote.com/officeaddins/learningtools/?et=
https://grudigital.com.br/xil/vew/latest
https://live.com/:
https://accounts.google.com
https://live.com/
https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHX
https://live.com/Lp
https://apis.google.com
https://content.growth.office.net/mirrored/resources/programmablesurfaces/prod/officewebsurfaces.cor
https://clients2.google.com
https://dns.google
https://ogs.google.com
https://grudigital.com.br/xil/vew/latest/OneDrive/
https://live.com/LbV
https://support.google.com/chromecast/troubleshooter/2995236
https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i
https://grudigital.com.br/xil/vew/latest/OneDrive
https://live.com/f=
https://live.com/Y
https://live.com/Z
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

Dropped files

Name | File Type | Hashes | Detection
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\32f6406c-b1f3-4042-8c49-fae4567f89a5.tmp | SysEx File -
C:\Users\user\AppData\Local\Google\Chrome\User Data\46a02d36-28f0-458e-84b5-033d791db3ff.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\604261d8-7d32-48f4-8c55-7395998e6393.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\9dd49299-13d7-4a14-82d3-93e485763911.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\32f58287-2d64-4526-90ec-bde30d70d7bb.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\48413a29-5c8a-4bc5-a70f-a1507c5c3ab4.tmp | UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\572ad7e7-aefe-4527-a630-538e3e81399e.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59540b27-c3cd-4fba-a91e-d713daf58a79.tmp | UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6f1caa90-217e-45f8-b3d2-5dbabf7eca45.tmp | very short file (no magic)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\712b253f-24e9-483c-9ccd-4fdeb4d60a86.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\767113b0-fa79-4190-8639-732872c4e600.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\85731e52-2030-48ab-938d-a8ef359b73f5.tmp | UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old+r (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02c7e165ebc7c9de_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\047447b274c22c54_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc1b686e63f82ff_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bcd0439134a3715_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d5a541437e1e052_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2310e2ec0ef84354_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\253ada26cb26b6aa_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\281a196a87838cee_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f093249a8f8bca4_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3341dc8ccaa38e24_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37f28228f077dd16_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\387591b72ede2a53_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3da036a9ad3ac2b3_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\47a77da855f57cf8_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\49e154754a1b515c_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b94406e6b437b96_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5eb56a63fca89ad6_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64ad52f359b9abdc_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6671f4ecda0f6e11_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b1462b985c4cc1a_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\72c14961ecbda7e1_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\74dda42491470d94_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7e3b21fda9937990_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\859faf000b5b27df_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\88d4628693712bea_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c527f7c99a46d20_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e1634acc9edb463_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e8c910519af4dd5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\90b75c1a333fbe5d_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f4474a9eac49cfc_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a496b5ea39da3bad_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e4f981b679f738_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7116b5a814c13d9_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a99544b9320222ee_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa4a263f93dfaac5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ace05e7cac6c477f_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af5c3b38004ce8f5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b8d6903289bdf5e5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b9a0c0163bb1d181_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb7b434ae64a8b31_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c81e6b4ad9136b7e_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0654debbe0752ab_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d68c2e39091fecb5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e11bcdafaaa75eb5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4f97bb7584c4d55_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e513ed8e4730e1c9_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e5fee07f85dd431e_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e78b87c38b36287e_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e99eb54082532864_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee2f7dc01c580763_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7dd50aa7b62010a_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd818ce584f1de3a_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexle (copy) | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies | SQLite 3.x database, last written using SQLite version 3032001
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons | SQLite 3.x database, last written using SQLite version 3032001
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldUM (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG | ASCII text