https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i

Status: finished

Submission Time: 2021-09-15 11:24:40 +02:00

Malicious

Phishing

HTMLPhisher

Comments

Details

Analysis ID:
483675
API (Web) ID:
851250
Analysis Started:

2021-09-15 11:24:41 +02:00
Analysis Finished:

2021-09-15 11:31:50 +02:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 64	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP	Country	Detection
52.105.226.27	United States
172.217.168.65	United States
172.217.168.13	United States
Click to see the 5 hidden entries
172.217.168.78	United States
239.255.255.250	Reserved
192.185.177.233	United States
40.90.128.17	United States
216.58.212.163	United States

Domains

Name	IP	Detection
grudigital.com.br	192.185.177.233
gstaticadssl.l.google.com	216.58.212.163
i-dub01p-cor001.api.p001.1drv.com	40.90.128.17
Click to see the 13 hidden entries
accounts.google.com	172.217.168.13
196000-ipv4.farm.dprodmgd106.aa-rt.sharepoint.com	52.105.226.27
clients.l.google.com	172.217.168.78
googlehosted.l.googleusercontent.com	172.217.168.65
clients2.googleusercontent.com	0.0.0.0
clients2.google.com	0.0.0.0
onenoteonlinesync.onenote.com	0.0.0.0
messaging.office.com	0.0.0.0
amcdn.msftauth.net	0.0.0.0
www.onenote.com	0.0.0.0
aabsi-my.sharepoint.com	0.0.0.0
storage.live.com	0.0.0.0
ajax.aspnetcdn.com	0.0.0.0

URLs

Name	Detection
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc={42ee999d-a1c5-4e61-a417-0bf2147c1468}&action=view&wd=target%28Van%20Wijnen%20Groep.one%7Cb783389e-3e4b-4814-8143-833c15ff1f84%2FVan%20Wijnen%20Groep%7C871fc38f-fac1-41b4-912a-fc211c24c4f2%2F%29
https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d
https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?rtime=vzr5yip42Ug
Click to see the 73 hidden entries
https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d
https://www.onenote.com
https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906
https://onenote.com/
https://live.com/r
https://www.onenote.com/
https://grudigital.com.br/
https://grudigital.com.br/xil/vew/latest/one/files/css.css
https://aabsi-my.sharepoint.com
https://grudigital.com.br/xil/vew/latest/one/files/pdf.png
https://onenote.com/:
https://live.com/JF%
https://live.com/A
https://hangouts.google.com/
https://apc01.safelinks.protection.outlook.com/GetUrlReputation
https://www.google.com;
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
https://payments.google.com/payments/v4/js/integrator.js
https://apc01.oscs.protection.outlook.com/api/SafeLinksApi/
https://grudigital.com.br/xil/vew/latest/
https://clients2.google.com/service/update2/crx
https://grudigital.com.br/xil/vew/latest/one/files/logo.png
https://feedback.googleusercontent.com
https://www.google.com/
https://live.com/i
https://live.com/&Hd
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=
https://live.com/e
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://clients2.googleusercontent.com
https://live.com/a
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=%7B42ee999d-a1c5-4e61-a417-0bf2147c1468%7D&action=default&slrid=39afef9f-a044-0000-bb8a-3a5fb92c10ce&originalPath=aHR0cHM6Ly9hYWJzaS1teS5zaGFyZXBvaW50LmNvbS86bzovZy9wZXJzb25hbC9mcnVlbGRhX2FtX2FjbW90b3JzX2NvbV9waC9FcDJaN2tMRm9XRk9wQmNMOGhSOEZHZ0JIWGtzQndtMUdJTVpaR0UyOGxicm5RP3J0aW1lPXZ6cjV5aXA0MlVn&cid=dee58779-8263-48d9-84ec-030f00145d89
https://support.google.com/chromecast/answer/2998456
https://live.com/~
https://grudigital.com.br/xil/vew/latest/one/#
https://live.com/3Bd
https://sharepoint.com/.
https://sandbox.google.com/payments/v4/js/integrator.js
https://live.com/:
https://grudigital.com.br/xil/vew/latest
https://www.onenote.com/officeaddins/learningtools/?et=
https://www.google.com
https://grudigital.com.br/xil/vew/latestOneDrive
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
https://grudigital.com.br/favicon.ico
https://onenote.com/v
https://accounts.google.com
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
https://spo.nel.measure.office.net/api/report?tenantId=b13af70b-cd66-4d49-98bd-a5233142e452&destinat
https://sharepoint.com/
https://play.google.com
https://live.com/?&$
https://live.com/%V
https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=%
https://aabsi-my.sharepoint.com/
https://grudigital.com.br/xil/vew/latest/OneDrive/
https://grudigital.com.br/xil/vew/latestOneDrive/
https://live.com/Z
https://live.com/Y
https://live.com/f=
https://grudigital.com.br/xil/vew/latest/OneDrive
https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i
https://support.google.com/chromecast/troubleshooter/2995236
https://live.com/LbV
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://ogs.google.com
https://dns.google
https://clients2.google.com
https://content.growth.office.net/mirrored/resources/programmablesurfaces/prod/officewebsurfaces.cor
https://apis.google.com
https://live.com/Lp
https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHX
https://live.com/

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb7b434ae64a8b31_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee2f7dc01c580763_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e99eb54082532864_0	data	#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e78b87c38b36287e_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e5fee07f85dd431e_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e513ed8e4730e1c9_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4f97bb7584c4d55_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e11bcdafaaa75eb5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d68c2e39091fecb5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0654debbe0752ab_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c81e6b4ad9136b7e_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7dd50aa7b62010a_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b9a0c0163bb1d181_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b8d6903289bdf5e5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af5c3b38004ce8f5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ace05e7cac6c477f_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa4a263f93dfaac5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a99544b9320222ee_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7116b5a814c13d9_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e4f981b679f738_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a496b5ea39da3bad_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f4474a9eac49cfc_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\90b75c1a333fbe5d_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldUM (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e8c910519af4dd5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	SQLite 3.x database, last written using SQLite version 3032001	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexle (copy)	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd818ce584f1de3a_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\767113b0-fa79-4190-8639-732872c4e600.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2310e2ec0ef84354_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d5a541437e1e052_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bcd0439134a3715_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc1b686e63f82ff_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\047447b274c22c54_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02c7e165ebc7c9de_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old+r (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\85731e52-2030-48ab-938d-a8ef359b73f5.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\253ada26cb26b6aa_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\712b253f-24e9-483c-9ccd-4fdeb4d60a86.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6f1caa90-217e-45f8-b3d2-5dbabf7eca45.tmp	very short file (no magic)	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59540b27-c3cd-4fba-a91e-d713daf58a79.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\572ad7e7-aefe-4527-a630-538e3e81399e.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\48413a29-5c8a-4bc5-a70f-a1507c5c3ab4.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\32f58287-2d64-4526-90ec-bde30d70d7bb.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\9dd49299-13d7-4a14-82d3-93e485763911.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\604261d8-7d32-48f4-8c55-7395998e6393.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\46a02d36-28f0-458e-84b5-033d791db3ff.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\32f6406c-b1f3-4042-8c49-fae4567f89a5.tmp	SysEx File -	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64ad52f359b9abdc_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e1634acc9edb463_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c527f7c99a46d20_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\88d4628693712bea_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\859faf000b5b27df_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7e3b21fda9937990_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\74dda42491470d94_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\72c14961ecbda7e1_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b1462b985c4cc1a_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6671f4ecda0f6e11_0	data	#
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5eb56a63fca89ad6_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b94406e6b437b96_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\49e154754a1b515c_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\47a77da855f57cf8_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3da036a9ad3ac2b3_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\387591b72ede2a53_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37f28228f077dd16_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3341dc8ccaa38e24_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f093249a8f8bca4_0	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\281a196a87838cee_0	data	#

https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

IPs

Domains

URLs

Dropped files

Search started

https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i