Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://bidproposalinvite.ucraft.site/

Status: finished
Submission Time: 2022-01-28 22:25:54 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    562468
  • API (Web) ID:
    929992
  • Analysis Started:
    2022-01-28 22:25:55 +01:00
  • Analysis Finished:
    2022-01-28 22:29:43 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 60
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
239.255.255.250
 Reserved
142.250.203.99
 United States
104.16.18.94
 United States
Click to see the 15 hidden entries
104.18.22.52
 United States
216.58.212.161
 United States
69.16.175.10
 United States
161.97.110.227
 United States
172.217.168.10
 United States
172.217.168.74
 United States
142.250.203.106
 United States
142.250.185.237
 United States
142.250.203.110
 United States
104.21.81.131
 United States
216.58.215.227
 United States
104.21.45.175
 United States
35.205.94.174
 United States
104.18.10.207
 United States
34.104.35.123
 United States

Domains

Name IP Detection
gstaticadssl.l.google.com
 216.58.215.227
taeappliances.space
 161.97.110.227
bidproposalinvite.ucraft.site
 35.205.94.174
Click to see the 11 hidden entries
accounts.google.com
 142.250.185.237
cdnjs.cloudflare.com
 104.16.18.94
maxcdn.bootstrapcdn.com
 104.18.10.207
clients.l.google.com
 142.250.203.110
googlehosted.l.googleusercontent.com
 216.58.212.161
static.ucraft.net
 104.21.45.175
clients2.googleusercontent.com
 0.0.0.0
clients2.google.com
 0.0.0.0
ka-f.fontawesome.com
 0.0.0.0
code.jquery.com
 0.0.0.0
kit.fontawesome.com
 0.0.0.0

URLs

Name Detection
https://bidproposalinvite.ucraft.site/
https://taeappliances.space/schl/index.php

Dropped files

Name File Type Hashes Detection
C:\Users\alfredo\AppData\Local\Temp\ee010154-e4b4-46cc-b86b-455c5b59bba4.tmp
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\es\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\en\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
Click to see the 97 hidden entries
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\el\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\de\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\da\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\cs\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\ca\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\bn\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\bg\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\ar\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\am\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\fac369e9-fccf-40a2-910d-a6971692204e.tmp
 Google Chrome extension, version 3
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\et\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\e1088b87-1776-48c3-87e8-cc666eeefc03.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\d5ada7e0-51a6-45df-bad7-9590fbb9d791.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\c84d928a-d60c-492a-a1af-65c9d2ed4b04.tmp
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\alfredo\AppData\Local\Temp\b9f31c97-9497-4944-98c6-6ca189e6c519.tmp
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\alfredo\AppData\Local\Temp\820039c0-38f3-43b6-86d0-13ea266c495e.tmp
 Google Chrome extension, version 3
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\manifest.json
 ASCII text
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\manifest.fingerprint
 ASCII text, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
 ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
 current ar archive
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
 current ar archive
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
 current ar archive
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\ja\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\ro\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\pt\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\pl\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\nl\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\nb\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\ms\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\mr\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\ml\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\lv\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\lt\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\ko\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\kn\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
 current ar archive
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\iw\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\it\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\id\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\hu\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\hr\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\hi\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\gu\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\fr\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\fil\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\fi\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7612_2009907960\CRX_INSTALL\_locales\fa\messages.json
 HTML document, ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\429e9052-89f2-4fc6-a4dd-26770a360ec6.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
 data
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesn (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences9 (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\PreferencesNT (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico.l (copy)
 MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\9221.427.0.1_0\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\790fda5f-f49a-4c17-9eee-852bff3de094.tmp
 MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\48fc6a52-bf72-4914-9fd0-0f7816e0de2a.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000001.dbtmp
 ASCII text
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\3791d3db-41dd-41fe-bdbf-a19bcef9c931.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\371e6fe9-cf5a-4361-9104-71f3ee87cb17.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\2aa1ff7e-8a88-48b7-b7ac-0bdf226dc6c9.tmp
 very short file (no magic)
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\2a3b55fa-9cc0-468f-a704-8b0691766de2.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1f7e3420-4145-4aad-b7ce-15581de177cf.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\0ab4fcd6-a321-4e03-ae13-db7d56eb0aca.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
 data
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\9bdf8759-d7e0-4ca0-9bd6-0a4a6bae9709.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\49238e0f-3431-48dd-b242-07d709c8d031.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\366bac09-96ad-4fe1-986a-898c63bd6c69.tmp
 data
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\170c4f52-03f6-436c-9884-3c21532452fc.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Module Info Cache\i (copy)
 data
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
 ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
 ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
 ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
 ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_platform_specific\x86_64\pnacl_public_pnacl_json
 ASCII text
 #
C:\Users\alfredo\AppData\Local\Temp\7612_2096733677\_metadata\verified_contents.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\6979b419-e506-45e5-9dec-1c934e3b5149.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Temp\488990eb-e4a9-46f3-8c0f-d23d3877f267.tmp
 ASCII text, with very long lines
 #
C:\Users\alfredo\AppData\Local\Temp\1fb7fa2c-e19c-410f-9829-940f6d493e59.tmp
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\alfredo\AppData\Local\Temp\1ed06a14-9a3f-4db5-a7fc-29e7cca4b83e.tmp
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\alfredo\AppData\Local\Temp\16125326-c92d-4d98-b37d-402ec8053a4a.tmp
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\a91afdda-025c-4f01-af72-319a7226ac67.tmp
 data
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\04801f5c-3ef2-456d-aa06-0bc636c0f42d.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State. (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version
 ASCII text, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser
 data
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\e522abcb-6cfc-4b42-91dc-45514247a1bf.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
 ASCII text
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\d9e0040c-3299-4a5a-9d0f-7ab9938f6cc9.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\b7591223-a5f6-4329-94b2-6501dfc4af03.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\a0c0019d-035e-47dc-ba49-5cddcf9729fd.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001
 PGP\011Secret Key -
 #
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\CURRENT (copy)
 ASCII text
 #