Number IA0015533.docx

Status: finished
Submission Time: 2023-09-15 00:30:07 +02:00
Clean

Details

  • Analysis ID: 1308596
  • API (Web) ID: 1308596
  • Analysis Started: 2023-09-15 00:33:55 +02:00
  • Analysis Finished: 2023-09-15 00:47:26 +02:00
  • MD5: 4d2472c5d7a4b4a3cb5e28137900ea8b
  • SHA1: 68627ad0ff6ff6a7d1077d72014e49f2746b7f4c
  • SHA256: 7b9244c91dbee5e88fa4dd7056b8805f08f406fea5d811108ea2c8ed42701bb8

Joe Sandbox

  • Detection: clean
    Score: 3
    System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
  • Detection: clean
    Score: 3
    System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
    Run Condition: Potential for more IOCs and behavior

IPs


Domains


URLs


Dropped files

No malicious files found. See full and IOC report for all dropped files.