Non_disclosure_agreement.lnk.download.lnk

Status: finished
Submission Time: 2024-12-12 12:20:15 +01:00
Malicious

Tags

  • aikmouciiqgecoqi-xyz
  • lnk

Details

  • Analysis ID: 1573625
  • API (Web) ID: 1573625
  • Analysis Started: 2024-12-12 12:20:16 +01:00
  • Analysis Finished: 2024-12-12 12:26:35 +01:00
  • MD5: 413479ab667ffbd045129213cd9ad61c
  • SHA1: 484e52e4d48b647df85d65cb834c3f73fe24a682
  • SHA256: 91251635b5bec7882ada03980c0dcb33056687e70ad481234a3f16daf7276ee9
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 68
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 29/63
malicious
Score: 8/24

IPs


Domains


URLs


Dropped files

No malicious files found. See full and IOC report for all dropped files.