Windows Analysis Report
https://eu.account.docusign.com/managed_token/v1/redeem?mtid=db9d9ffc-d63a-488f-8755-a07b4078bb91&mtsec=22EZat1_VkAhloqMhTXTfzYCUqX2_krS4bYncgapZv4

Overview

General Information

Sample URL:	https://eu.account.docusign.com/managed_token/v1/redeem?mtid=db9d9ffc-d63a-488f-8755-a07b4078bb91&mtsec=22EZat1_VkAhloqMhTXTfzYCUqX2_krS4bYncgapZv4
Analysis ID:	1578631
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Detected hidden input values containing email addresses (often used in phishing pages)

HTML body contains low number of good links

HTML page contains hidden javascript code

Classification

Signatures

Detected hidden input values containing email addresses (often used in phishing pages)

Source: https://account.docusign.com/username	HTTP Parser: {"settings":{"traceToken":"abc8eecd-2621-4a24-b14c-ab9e2a7724a8","siteRoot":"https://account.docusign.com/","forgotPasswordUri":"https://account.docusign.com/forgotpassword","flowSubmissionUris":{"oAuth":"/oauth/auth","sso":"/saml2/login/sp","username":"/username","password":"/password","web":"/web/login","signUp":"/signup","securityKeyLogin":"/securitykeylogin","resourceCredentialSecurityKeyCreation":"/resources/v1/manage/security-key/create","resourceCredentialSecurityKeyLogin":"/resources/v1/manage/security-key/login"},"allowGetBrowserFingerprint":true,"allowNewI18Library":true,"renderInkLoginApp":true,"assetPreloaderUrl":null,"pseudoLocalizationEnabled":false,"rebrandingEnabled":true},"stateData":{"state":"password","oAuthLoginHintQS":null,"oAuthLoginHintCookie":null,"usernamePostAction":null,"logoBytes":null,"data":{"username":"pw2w41@gkhmlr.net","can_login_via_sso":false,"can_login_via_security_key":false,"hide_other_login_options":true,"enable_webauthn_autofill":false&#125;&#125;,"error":null}
Source: https://account.docusign.com/password	HTTP Parser: {"settings":{"traceToken":"92c3376e-a4e1-4ca6-af3d-278393bc9051","siteRoot":"https://account.docusign.com/","forgotPasswordUri":"https://account.docusign.com/forgotpassword","flowSubmissionUris":{"oAuth":"/oauth/auth","sso":"/saml2/login/sp","username":"/username","password":"/password","web":"/web/login","signUp":"/signup","securityKeyLogin":"/securitykeylogin","resourceCredentialSecurityKeyCreation":"/resources/v1/manage/security-key/create","resourceCredentialSecurityKeyLogin":"/resources/v1/manage/security-key/login"},"allowGetBrowserFingerprint":true,"allowNewI18Library":true,"renderInkLoginApp":true,"assetPreloaderUrl":null,"pseudoLocalizationEnabled":false,"rebrandingEnabled":true},"stateData":{"state":"password","oAuthLoginHintQS":null,"oAuthLoginHintCookie":null,"usernamePostAction":null,"logoBytes":null,"data":{"username":"pw2w41@gkhmlr.net","can_login_via_sso":false,"can_login_via_security_key":false,"hide_other_login_options":true,"enable_webauthn_autofill":false&#125;&#125;,"error":{"ResourceKey":"invalid_password_attempt","MessageType":1,"Data":null&#125;&#125;
Source: https://account.docusign.com/password	HTTP Parser: {"settings":{"traceToken":"b89bf941-91cd-445b-a0b8-70a79b1398ac","siteRoot":"https://account.docusign.com/","forgotPasswordUri":"https://account.docusign.com/forgotpassword","flowSubmissionUris":{"oAuth":"/oauth/auth","sso":"/saml2/login/sp","username":"/username","password":"/password","web":"/web/login","signUp":"/signup","securityKeyLogin":"/securitykeylogin","resourceCredentialSecurityKeyCreation":"/resources/v1/manage/security-key/create","resourceCredentialSecurityKeyLogin":"/resources/v1/manage/security-key/login"},"allowGetBrowserFingerprint":true,"allowNewI18Library":true,"renderInkLoginApp":true,"assetPreloaderUrl":null,"pseudoLocalizationEnabled":false,"rebrandingEnabled":true},"stateData":{"state":"password","oAuthLoginHintQS":null,"oAuthLoginHintCookie":null,"usernamePostAction":null,"logoBytes":null,"data":{"username":"pw2w41@gkhmlr.net","can_login_via_sso":false,"can_login_via_security_key":false,"hide_other_login_options":true,"enable_webauthn_autofill":false&#125;&#125;,"error":{"ResourceKey":"invalid_password_attempt","MessageType":1,"Data":null&#125;&#125;
Source: https://account.docusign.com/password	HTTP Parser: {"settings":{"traceToken":"60a99c69-8654-48a8-be7e-891ee12b1d66","siteRoot":"https://account.docusign.com/","forgotPasswordUri":"https://account.docusign.com/forgotpassword","flowSubmissionUris":{"oAuth":"/oauth/auth","sso":"/saml2/login/sp","username":"/username","password":"/password","web":"/web/login","signUp":"/signup","securityKeyLogin":"/securitykeylogin","resourceCredentialSecurityKeyCreation":"/resources/v1/manage/security-key/create","resourceCredentialSecurityKeyLogin":"/resources/v1/manage/security-key/login"},"allowGetBrowserFingerprint":true,"allowNewI18Library":true,"renderInkLoginApp":true,"assetPreloaderUrl":null,"pseudoLocalizationEnabled":false,"rebrandingEnabled":true},"stateData":{"state":"password","oAuthLoginHintQS":null,"oAuthLoginHintCookie":null,"usernamePostAction":null,"logoBytes":null,"data":{"username":"pw2w41@gkhmlr.net","can_login_via_sso":false,"can_login_via_security_key":false,"hide_other_login_options":true,"enable_webauthn_autofill":false&#125;&#125;,"error":{"ResourceKey":"invalid_password_attempt","MessageType":1,"Data":null&#125;&#125;
Source: https://account.docusign.com/password	HTTP Parser: {"settings":{"traceToken":"71088a1b-595d-4a3b-8ae0-5fd2ab868ebf","siteRoot":"https://account.docusign.com/","forgotPasswordUri":"https://account.docusign.com/forgotpassword","flowSubmissionUris":{"oAuth":"/oauth/auth","sso":"/saml2/login/sp","username":"/username","password":"/password","web":"/web/login","signUp":"/signup","securityKeyLogin":"/securitykeylogin","resourceCredentialSecurityKeyCreation":"/resources/v1/manage/security-key/create","resourceCredentialSecurityKeyLogin":"/resources/v1/manage/security-key/login"},"allowGetBrowserFingerprint":true,"allowNewI18Library":true,"renderInkLoginApp":true,"assetPreloaderUrl":null,"pseudoLocalizationEnabled":false,"rebrandingEnabled":true},"stateData":{"state":"password","oAuthLoginHintQS":null,"oAuthLoginHintCookie":null,"usernamePostAction":null,"logoBytes":null,"data":{"username":"pw2w41@gkhmlr.net","can_login_via_sso":false,"can_login_via_security_key":false,"hide_other_login_options":true,"enable_webauthn_autofill":false&#125;&#125;,"error":{"ResourceKey":"invalid_password_attempt","MessageType":1,"Data":null&#125;&#125;

HTML body contains low number of good links

Source: https://account.docusign.com/userinvite/login/redirect?error=token_reissue_required&error_description=db9d9ffc-d63a-488f-8755-a07b4078bb91	HTTP Parser: Number of links: 0
Source: https://account.docusign.com/	HTTP Parser: Number of links: 1
Source: https://account.docusign.com/username	HTTP Parser: Number of links: 1
Source: https://account.docusign.com/password	HTTP Parser: Number of links: 1

HTML page contains hidden javascript code

Source: https://account.docusign.com/userinvite/login/redirect?error=token_reissue_required&error_description=db9d9ffc-d63a-488f-8755-a07b4078bb91

HTTP Parser: Base64 decoded: {"version":3,"sources":["C:\\D:\\W\\Account\\src\\Account.Web\\ReactApp\\src\\styles\\app.scss"],"names":[],"mappings":"AAAA,gBACI,WAAA,CAGJ,oCAGI,cAAA,CAGJ,8BACI,qBAAA,CAGJ,YACI,gBAAA,CAGJ,gCAEI,eAAA,CAGJ,UACI,WAAA,CACA,mBAAA,CAGJ,YACI,kBAAA,CAGJ,8BAEI,c...

Source: https://account.docusign.com/username	HTTP Parser: <input type="password" .../> found
Source: https://account.docusign.com/password	HTTP Parser: <input type="password" .../> found

Source: https://account.docusign.com/userinvite/login/redirect?error=token_reissue_required&error_description=db9d9ffc-d63a-488f-8755-a07b4078bb91	HTTP Parser: No <meta name="author".. found
Source: https://account.docusign.com/	HTTP Parser: No <meta name="author".. found
Source: https://account.docusign.com/username	HTTP Parser: No <meta name="author".. found
Source: https://account.docusign.com/username	HTTP Parser: No <meta name="author".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="author".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="author".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="author".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="author".. found

Source: https://account.docusign.com/userinvite/login/redirect?error=token_reissue_required&error_description=db9d9ffc-d63a-488f-8755-a07b4078bb91	HTTP Parser: No <meta name="copyright".. found
Source: https://account.docusign.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://account.docusign.com/username	HTTP Parser: No <meta name="copyright".. found
Source: https://account.docusign.com/username	HTTP Parser: No <meta name="copyright".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="copyright".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="copyright".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="copyright".. found
Source: https://account.docusign.com/password	HTTP Parser: No <meta name="copyright".. found

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: eu.account.docusign.com
Source: global traffic	DNS traffic detected: DNS query: account.docusign.com
Source: global traffic	DNS traffic detected: DNS query: docucdn-a.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: telemetry.docusign.net

Source: chromecache_68.1.dr, chromecache_56.1.dr	String found in binary or memory: http://eligrey.com
Source: chromecache_68.1.dr, chromecache_56.1.dr	String found in binary or memory: https://gist.github.com/1129031
Source: chromecache_61.1.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_61.1.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.25.0/LICENSE
Source: chromecache_61.1.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.36.1/LICENSE
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.ca/company/privacy-policy
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.ca/company/terms-and-conditions/web
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.co.uk/company/privacy-policy
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.co.uk/company/terms-and-conditions/web
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.com.au/company/privacy-policy
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.com.au/company/terms-and-conditions/web
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.com.br/politica-de-privacidade
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.com.br/termos-uso
Source: chromecache_61.1.dr	String found in binary or memory: https://www.docusign.com/company/privacy-policy
Source: chromecache_61.1.dr	String found in binary or memory: https://www.docusign.com/company/terms-and-conditions/web
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.de/unternehmen/agb
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.de/unternehmen/datenschutz
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.es/empresa/condiciones-de-uso/web
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.es/empresa/politica-de-privacidad
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.fr/conditions-generales-d-utilisation
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.fr/societe/politique-de-confidentialite
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.jp/company/privacy-policy
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.jp/company/terms-and-conditions/web
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.mx/compania/condiciones-de-uso/web
Source: chromecache_57.1.dr, chromecache_61.1.dr	String found in binary or memory: https://www.docusign.mx/compania/politica-de-privacidad

Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443

Source: classification engine

Classification label: clean1.win@16/25@18/3

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1944,i,7245119961045114520,3936773746584597016,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://eu.account.docusign.com/managed_token/v1/redeem?mtid=db9d9ffc-d63a-488f-8755-a07b4078bb91&mtsec=22EZat1_VkAhloqMhTXTfzYCUqX2_krS4bYncgapZv4"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1944,i,7245119961045114520,3936773746584597016,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior

Click here to start
Slideshow Behavior Animation

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.181.132	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
www.google.com	142.250.181.132	true
account.docusign.com	unknown	unknown
eu.account.docusign.com	unknown	unknown
telemetry.docusign.net	unknown	unknown
docucdn-a.akamaihd.net	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://account.docusign.com/	false	high
https://account.docusign.com/password	false	high
https://account.docusign.com/userinvite/login/redirect?error=token_reissue_required&error_description=db9d9ffc-d63a-488f-8755-a07b4078bb91	false	high
https://account.docusign.com/username	false	high

ID:	1578631
Product:	CloudBasic
Start time:	00:26:51
Start date:	20.12.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 54	ASCII text, with no line terminators	034382B161C0E0D57F4551AB2A364633	CA82E7949B7450871C11B6924A0307D6FFE51CB0	8D8802B33957424700F5386511BD85B1745219E05162A333C4BDBEEC083CE3E6
Chrome Cache Entry: 55	ASCII text, with no line terminators	BD4BFB30D64B52E53CA5581DE828514A	A6DB52F25ECD8932BEE5B9D577131533CBEDE6E0	905DBD1EFC9CE6454FBEC106753042DC3D9B4BEDDB3FA3B6AE4C536050C3421E
Chrome Cache Entry: 56	ASCII text, with CRLF line terminators	3DF93052C874FAB3C7D48B4E25B927A2	D71DB5B307735280048C30D2B693B2FDF20D647E	8A062190DACEF122BE3BDC0411D765F75C1C9CE63CD5A3E51AD53857A1FFEBAD
Chrome Cache Entry: 57	Unicode text, UTF-8 text, with very long lines (42039), with LF, NEL line terminators	31C4AA9CAE6645087327880A00EC599C	531C3CEA5E9CF991A3E1DD50AB58E2B61794464F	8F59F3AC8B9F87A9A88F28238E34526F37831C1B356E26FEC28C6CB868D1C710
Chrome Cache Entry: 58	Web Open Font Format (Version 2), TrueType, length 29516, version 1.0	5D66C3D97D4F69A2B3527E3997CBB66B	94EF4F31C1A1CD780A172EDFBF9E3DE61697EF5A	1BF53B33743C5C45D6C944815F74CBF58B228806858FB6E3A0B86C1204F4BE06
Chrome Cache Entry: 59	SVG Scalable Vector Graphics image	9F90075964D1CB74CADEE5F070FB4321	3B2F4231ACDD5805CDADC95B0D5FDD61AC16C953	A8988E1F007375A5E0007FF9AADD201BC96C314122F87F6C980D213CA39974DB
Chrome Cache Entry: 60	SVG Scalable Vector Graphics image	55ACF27E6B517AF140D1C9FB147E31E8	FD74318612D950AE56B82776D4507A703E2745EF	769113EED5ABF2BB8E472A29D439CC73CA6BCCFA82E3D8F0B36D6F7D9FD740B6
Chrome Cache Entry: 61	Unicode text, UTF-8 text, with very long lines (42039), with LF, NEL line terminators	31C4AA9CAE6645087327880A00EC599C	531C3CEA5E9CF991A3E1DD50AB58E2B61794464F	8F59F3AC8B9F87A9A88F28238E34526F37831C1B356E26FEC28C6CB868D1C710
Chrome Cache Entry: 62	Web Open Font Format (Version 2), TrueType, length 31436, version 1.0	BA0E987E564CD3409E9D6F690D641F55	1C2684BD20C775B7497796C2FA66AD4943F6B824	346CFD3DF3DBB80D08655AE396A413F66CBCCFCF201EAE36A6403DCF7ED372BC
Chrome Cache Entry: 63	SVG Scalable Vector Graphics image	17A782F04369CC79F490A976243511F6	84622E41838BDCD204EE2CFAD064B4BA58D0B5D5	500168AD65BAE9FC7D865A3A98704346E4313BEDFA401F50EBB24AFFBFFB71CB
Chrome Cache Entry: 64	SVG Scalable Vector Graphics image	55ACF27E6B517AF140D1C9FB147E31E8	FD74318612D950AE56B82776D4507A703E2745EF	769113EED5ABF2BB8E472A29D439CC73CA6BCCFA82E3D8F0B36D6F7D9FD740B6
Chrome Cache Entry: 65	SVG Scalable Vector Graphics image	17A782F04369CC79F490A976243511F6	84622E41838BDCD204EE2CFAD064B4BA58D0B5D5	500168AD65BAE9FC7D865A3A98704346E4313BEDFA401F50EBB24AFFBFFB71CB
Chrome Cache Entry: 66	Web Open Font Format (Version 2), TrueType, length 31644, version 1.0	89C979CFF1EBCBD06171DCD15927EB3A	DDFB17DA64F896EA2682BEC12499ED9D8F65F69D	F2C05D1D723BD31646C2C5ADB65C29F317FEAB778A02511FBDCBC180853CA042
Chrome Cache Entry: 67	SVG Scalable Vector Graphics image	9F90075964D1CB74CADEE5F070FB4321	3B2F4231ACDD5805CDADC95B0D5FDD61AC16C953	A8988E1F007375A5E0007FF9AADD201BC96C314122F87F6C980D213CA39974DB
Chrome Cache Entry: 68	ASCII text, with CRLF line terminators	3DF93052C874FAB3C7D48B4E25B927A2	D71DB5B307735280048C30D2B693B2FDF20D647E	8A062190DACEF122BE3BDC0411D765F75C1C9CE63CD5A3E51AD53857A1FFEBAD

Windows Analysis Report
https://eu.account.docusign.com/managed_token/v1/redeem?mtid=db9d9ffc-d63a-488f-8755-a07b4078bb91&mtsec=22EZat1_VkAhloqMhTXTfzYCUqX2_krS4bYncgapZv4

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://eu.account.docusign.com/managed_token/v1/redeem?mtid=db9d9ffc-d63a-488f-8755-a07b4078bb91&mtsec=22EZat1_VkAhloqMhTXTfzYCUqX2_krS4bYncgapZv4

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://eu.account.docusign.com/managed_token/v1/redeem?mtid=db9d9ffc-d63a-488f-8755-a07b4078bb91&mtsec=22EZat1_VkAhloqMhTXTfzYCUqX2_krS4bYncgapZv4