https://1drv.ms:443/o/s!BH0KAtIoTvDMgQINIwbDDmuQjxkp?e=tej6OVmcREW9hZcUcQddjw&at=9

Status: finished
Submission Time: 2021-09-27 20:32:45 +02:00
Malicious
Phishing
HTMLPhisher

Details

  • Analysis ID:
    491714
  • API (Web) ID:
    859287
  • Analysis Started:
    2021-09-27 20:32:46 +02:00
  • Analysis Finished:
    2021-09-27 20:37:22 +02:00
  • Technologies:

Engine: Joe Sandbox
Detection: malicious
Score: 72
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP | Country | Detection
40.90.142.226 | United States |
13.107.42.12 | United States |
239.255.255.250 | Reserved |
169.254.68.153 | Reserved |
142.250.185.78 | United States |
145.239.131.51 | France |
104.18.10.207 | United States |
142.250.74.193 | United States |
142.250.184.205 | United States |
142.250.186.99 | United States |
18.210.105.246 | United States |
162.241.149.153 | United States |
40.90.128.17 | United States |
104.16.19.94 | United States |

Domains

Name | IP | Detection
kit.fontawesome.com | 0.0.0.0 |
www.onenote.com | 0.0.0.0 |
spoprod-a.akamaihd.net | 0.0.0.0 |
amcdn.msftauth.net | 0.0.0.0 |
p.sfx.ms | 0.0.0.0 |
onedrive.live.com | 0.0.0.0 |
code.jquery.com | 0.0.0.0 |
clients2.google.com | 0.0.0.0 |
clients2.googleusercontent.com | 0.0.0.0 |
skyapi.onedrive.live.com | 0.0.0.0 |
ajax.aspnetcdn.com | 0.0.0.0 |
storage.live.com | 0.0.0.0 |
c.live.com | 0.0.0.0 |
messaging.office.com | 0.0.0.0 |
gstaticadssl.l.google.com | 142.250.186.99 |
ka-f.fontawesome.com | 0.0.0.0 |
onenoteonlinesync.onenote.com | 0.0.0.0 |
i.ibb.co | 145.239.131.51 |
1drv.ms | 13.107.42.12 |
utfl.us | 162.241.149.153 |
googlehosted.l.googleusercontent.com | 142.250.74.193 |
i-am3p-cor002.api.p001.1drv.com | 40.90.142.226 |
clients.l.google.com | 142.250.185.78 |
maxcdn.bootstrapcdn.com | 104.18.10.207 |
great-efficacious-libra.glitch.me | 18.210.105.246 |
cdnjs.cloudflare.com | 104.16.19.94 |
accounts.google.com | 142.250.184.205 |
i-dub01p-cor001.api.p001.1drv.com | 40.90.128.17 |

URLs

Name Detection
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://code.jquery.com/jquery-3.1.1.min.js
https://live.com/Z
https://onedrive.live.com
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=92.0.4515.107&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://onedrive.live.com/redir?resid=CCF04E28D2020A7D%21130&authkey=%21Ag0jBsMOa5CPGSk&page=View&wd=target%28Quick%20Notes.one%7C93d3533d-5f38-4277-8b03-bbccb389355c%2FBurkett%20Restaurant%20Equipment%20%20Supplies%7Ce83b5133-7b0d-4fe6-8f9d-ba805b8e2eef%2F%29
https://ogs.google.com
https://live.com/Q
https://onedrive.live.com/view.aspx?resid=CCF04E28D2020A7D
https://clients2.google.com
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac2-bf8b3319
https://code.jquery.com/
https://utfl.us//ue908/a/next.php
https://great-efficacious-libra.glitch.me/F
https://p.sfx.ms//storage/aria-2.5.0.min.js
https://onenote.com/b
https://great-efficacious-libra.glitch.me/G
https://apis.google.com
https://live.com/$
https://ka-f.fontawesome.com/
https://great-efficacious-libra.glitch.me/ue908.html
https://1drv.ms/o/s
https://1drv.ms/o/s!BH0KAtIoTvDMgQINIwbDDmuQjxkp?e=tej6OVmcREW9hZcUcQddjw&at=9
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
https://live.com/e
https://live.com/h
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
https://live.com/g
https://clients2.googleusercontent.com
https://live.com/b
https://live.com/a
https://support.google.com/chromecast/answer/2998456
https://i.ibb.co/vZXCdtH/outlook.png
https://onenote.com/(
https://live.com/y
https://onenote.com/
https://live.com/?
https://live.com/x
https://skyapi.onedrive.live.com/api/proxy?v=3
https://onenote.com/-
https://live.com/M
https://a.nel.cloudflare.com/report/v3?s=5U%2FkU%2BjFeOKRc1nOWWsjAOd%2BgExs5Erq0pNBD0rlRsbmWcgrcyjk0
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
https://live.com/E
https://live.com/H
https://hangouts.google.com/
https://great-efficacious-libra.glitch.me/.
https://live.com/C
https://i.ibb.co/6rZqcnD/office365.png
https://live.com/s)
https://live.com/fT
https://onenote.com/WRe)
https://great-efficacious-libra.glitch.me/ue908.html
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/jquery-1.7.2-
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
https://kit.fontawesome.com/585b051251.js
https://cdnjs.cloudflare.com
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushersu
https://a.nel.cloudflare.com/report/v3?s=gbp5iRzxkFD5bhKdG2wq%2Bc1cH1RkcFxLNQmF1R8TtAsFeFWa3oyJOZItm
https://live.com/
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac1-cdc297b4
https://support.google.com/chromecast/troubleshooter/2995236
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
https://www.google.com
https://onedrive.live.com/
https://onedrive.live.com/redir?resid=CCF04E28D2020A7D%21130&authkey=%21Ag0jBsMOa5CPGSk&page=View&wd
https://great-efficacious-libra.glitch.me/ue908.htmlShare
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.725.0719.2003&
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac_s_office-
https://live.com/_C
https://i.ibb.co/1Rvzzk8/gmail1.png
https://code.jquery.com/jquery-3.2.1.slim.min.js
https://onedrive.live.com/redir?resid=CCF04E28D2020A7D
https://feedback.googleusercontent.com
https://accounts.google.com
https://live.com/6
https://great-efficacious-libra.glitch.me/favicon.ico
https://www.onenote.com/officeaddins/learningtools/?et=
https://great-efficacious-libra.glitch.me/1P
https://sandbox.google.com/payments/v4/js/integrator.js
https://onedrive.live.com:443
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac0-efa56458
https://ka-f.fontawesome.com
https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi/external
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.725.0719.2003&useReq
https://i.ibb.co/qNj7bsz/other1.png
https://www.google.com/
https://spoprod-a.akamaihd.net
https://maxcdn.bootstrapcdn.com
https://live.com/qC
https://onedrive.live.com/view.aspx?resid=CCF04E28D2020A7D!130&ithint=onenote&authkey=!Ag0jBsMOa5CPGSk
https://great-efficacious-libra.glitch.me/css/hover.css
https://great-efficacious-libra.glitch.me/
https://kit.fontawesome.com/
https://www.google.com;
https://payments.google.com/payments/v4/js/integrator.js
https://maxcdn.bootstrapcdn.com/

Dropped files

Name | File Type
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e4f981b679f738_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dc791ca3e3d643d6_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d83685a8009852e3_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cbc4c2abcb8aa92a_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c589c410046f7db0_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c2a8b1231073fa2a_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ba859982ea35aebb_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b67b6a74d56845ce_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af5c3b38004ce8f5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af47f16bd7610af9_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae91f4d35288cc27_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a63ea7b972ca7cfa_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5534787ec2d07e5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a29dc5bca0d7f772_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ef530ac8e11a4d2_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ed2fcd8165ac8a3_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9e03917aff818da1_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9bee922fc98a1fe8_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9b678471d0290a69_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a25d4617c36f111_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\97f512e7491a7456_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\941b06fb8478e48f_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93a3fa42e61c139b_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9353779ee6ffff87_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico7 (copy) | MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldCK (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons | SQLite 3.x database, last written using SQLite version 3035005
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\9221.427.0.1_0\_metadata\computed_hashes.json | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.oldK (copy) | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG | ASCII text
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\92ac6bcd4238ab45_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies | SQLite 3.x database, last written using SQLite version 3035005
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexge (copy) | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\faa473b89c4cb6d5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f8454b9b69153474_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7dd50aa7b62010a_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f3d7599b2ef11517_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ea8fc1980a2c60c0_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\54ade329-ab1e-4f2e-bd25-0a92bcce7065.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2e60a340af51fb52_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\253ada26cb26b6aa_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1fd1d25d46212c70_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bff270e32b0ba8c_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc1b686e63f82ff_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1ab14149c9b37915_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12609919983ee517_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0e9db8ca960fef70_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\09f2c706fbeaa761_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\047447b274c22c54_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02d4aaf953a2f242_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f093249a8f8bca4_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5088c76e-6987-41f5-b0e1-e19c5cf8f54d.tmp | UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\41e8bd9c-59c6-4634-b965-9997033c976e.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\410350c4-690d-4b53-b19a-2aabc2ab46ac.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\264c8541-ea61-499f-8f3b-3b1316c263bd.tmp | very short file (no magic)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1514d93a-59e1-4f89-863d-d3ec0714f445.tmp | UTF-8 Unicode text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\784376f7-689b-4347-ae6c-c33034cfa0aa.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\47bfeafa-3570-473e-989e-1b3ed5f56b10.tmp | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\3beaec9a-dc45-4c48-8efe-fed5428a6284.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\38bb355d-6818-4b6d-8c63-c4d94f3d568a.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\261e3fd0-b4bd-43f1-9a9f-5e26dbd287da.tmp | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\526dece192072100_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e1634acc9edb463_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8db287ed550f8594_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a281a193daaab2f_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7627f51e9323d3c1_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6c5096a78a4a9b6d_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\65947caaf1db9298_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6307df8c1ac7f419_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\621b14f10032e8ca_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5bde89341a061de0_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\0a669ba1-4ffb-4fda-b405-fdc0b4afe851.tmp | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5266d9eec5c58a3c_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4faa0455d4039afa_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a5863ccb129da6d_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a0fdcbc7d76ecf2_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\494f0b1321cc8f5a_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\41925020bae877cf_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3da036a9ad3ac2b3_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3cea4a09fd476ccb_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a0931e6eb23e5a7_0 | data
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\387591b72ede2a53_0 | data