IOC Report
http://www.joesandbox.com

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 13:28:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 13:28:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 13:28:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 13:28:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 13:28:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 179
ASCII text, with very long lines (19802)
downloaded
Chrome Cache Entry: 180
ASCII text, with very long lines (1896)
downloaded
Chrome Cache Entry: 181
GIF image data, version 89a, 1066 x 200
dropped
Chrome Cache Entry: 182
PNG image data, 299 x 122, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 183
Unicode text, UTF-8 text, with very long lines (57231)
downloaded
Chrome Cache Entry: 184
ASCII text
downloaded
Chrome Cache Entry: 185
PNG image data, 19 x 11, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 186
ASCII text, with very long lines (3835)
dropped
Chrome Cache Entry: 187
PNG image data, 127 x 34, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 188
ASCII text, with very long lines (32049)
downloaded
Chrome Cache Entry: 189
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 190
PNG image data, 209 x 499, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 191
ASCII text
downloaded
Chrome Cache Entry: 192
ASCII text
dropped
Chrome Cache Entry: 193
ASCII text, with very long lines (19948), with no line terminators
dropped
Chrome Cache Entry: 194
PNG image data, 410 x 36, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 195
PNG image data, 75 x 10, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 196
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
downloaded
Chrome Cache Entry: 197
PNG image data, 260 x 19, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 198
ASCII text
downloaded
Chrome Cache Entry: 199
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 200
Unicode text, UTF-8 text, with very long lines (65128)
dropped
Chrome Cache Entry: 201
ASCII text, with very long lines (5945)
dropped
Chrome Cache Entry: 202
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 203
ASCII text
dropped
Chrome Cache Entry: 204
GIF image data, version 89a, 220 x 19
dropped
Chrome Cache Entry: 205
ASCII text, with very long lines (490), with CRLF line terminators
downloaded
Chrome Cache Entry: 206
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 207
Unicode text, UTF-8 text, with very long lines (22687)
downloaded
Chrome Cache Entry: 208
ASCII text, with very long lines (19948), with no line terminators
downloaded
Chrome Cache Entry: 209
PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 210
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 789x74, components 3
dropped
Chrome Cache Entry: 211
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
dropped
Chrome Cache Entry: 212
PNG image data, 75 x 10, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 213
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 214
ASCII text
dropped
Chrome Cache Entry: 215
ASCII text, with very long lines (28514)
dropped
Chrome Cache Entry: 216
GIF image data, version 89a, 220 x 19
downloaded
Chrome Cache Entry: 217
ASCII text, with very long lines (2343)
dropped
Chrome Cache Entry: 218
ASCII text, with very long lines (3835)
dropped
Chrome Cache Entry: 219
ASCII text, with very long lines (3835)
downloaded
Chrome Cache Entry: 220
ASCII text
downloaded
Chrome Cache Entry: 221
ASCII text, with very long lines (1323)
downloaded
Chrome Cache Entry: 222
PNG image data, 410 x 36, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 223
ASCII text, with very long lines (65307)
downloaded
Chrome Cache Entry: 224
Unicode text, UTF-8 text, with very long lines (65128)
downloaded
Chrome Cache Entry: 225
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 226
ASCII text, with very long lines (3835)
downloaded
Chrome Cache Entry: 227
ASCII text, with very long lines (5945)
downloaded
Chrome Cache Entry: 228
ASCII text
dropped
Chrome Cache Entry: 229
ASCII text, with very long lines (10277)
downloaded
Chrome Cache Entry: 230
PNG image data, 610 x 59, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 231
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 232
ASCII text, with very long lines (694), with no line terminators
downloaded
Chrome Cache Entry: 233
PNG image data, 209 x 499, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 234
ASCII text
dropped
Chrome Cache Entry: 235
ASCII text
dropped
Chrome Cache Entry: 236
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 237
ASCII text
downloaded
Chrome Cache Entry: 238
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 239
ASCII text, with very long lines (28514)
downloaded
Chrome Cache Entry: 240
PNG image data, 260 x 19, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 241
Unicode text, UTF-8 text, with very long lines (57231)
dropped
Chrome Cache Entry: 242
ASCII text, with very long lines (55886)
downloaded
Chrome Cache Entry: 243
ASCII text
downloaded
Chrome Cache Entry: 244
ASCII text, with very long lines (19802)
dropped
Chrome Cache Entry: 245
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 789x74, components 3
downloaded
Chrome Cache Entry: 246
ASCII text
dropped
Chrome Cache Entry: 247
PNG image data, 299 x 122, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 248
PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 249
ASCII text, with very long lines (604), with no line terminators
downloaded
Chrome Cache Entry: 250
ASCII text, with very long lines (1896)
dropped
Chrome Cache Entry: 251
ASCII text, with very long lines (21268)
downloaded
Chrome Cache Entry: 252
GIF image data, version 89a, 1066 x 200
downloaded
Chrome Cache Entry: 253
ASCII text, with very long lines (32049)
dropped
Chrome Cache Entry: 254
ASCII text, with very long lines (21268)
dropped
Chrome Cache Entry: 255
PNG image data, 127 x 34, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 256
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 257
ASCII text, with very long lines (2343)
downloaded
Chrome Cache Entry: 258
PNG image data, 19 x 11, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 259
ASCII text, with very long lines (3835)
downloaded
Chrome Cache Entry: 260
ASCII text
dropped
Chrome Cache Entry: 261
ASCII text, with very long lines (3835)
dropped
Chrome Cache Entry: 262
ASCII text
downloaded
Chrome Cache Entry: 263
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 264
PNG image data, 610 x 59, 8-bit/color RGBA, non-interlaced
dropped
There are 83 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1920,i,10191489446075265916,1833503612157975875,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.joesandbox.com"

URLs

Name
IP
Malicious
http://www.joesandbox.com
https://www.joesandbox.com/js/autoviewport.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/js/js.cookie.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/css/datatables.min.css?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/favicon.ico
104.26.11.56
 malicious
https://www.joesandbox.com/img/top-title.jpg
104.26.11.56
 malicious
https://www.joesandbox.com/img/joe%20sandbox%20cloud%20basic.png
104.26.11.56
 malicious
https://www.joesandbox.com/css/selection.css?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/img/facebook.png
104.26.11.56
 malicious
https://www.joesandbox.com/css/style.css?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/login
malicious
https://www.joesandbox.com/js/bootstrap.min.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/js/DOMPurify/purify.min.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/
malicious
https://www.joesandbox.com/img/only-for-cloud-pro.png
104.26.11.56
 malicious
https://www.joesandbox.com/js/cookieconsent.min.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/css/cloudbasic.css?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/img/loading.png
104.26.11.56
 malicious
https://www.joesandbox.com/js/svg-pan-zoom.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/img/only-available-for-cloud-pro-big.png
104.26.11.56
 malicious
https://www.joesandbox.com/cdn-cgi/rum?
104.26.11.56
 malicious
https://www.joesandbox.com/css/bootstrap-responsive.min.css?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/log?csrf_token=f1d4dca7e248557854d64176b223ea38
104.26.11.56
 malicious
https://www.joesandbox.com/img/linkedin.png
104.26.11.56
 malicious
https://www.joesandbox.com/img/footer/bg.gif
104.26.11.56
 malicious
https://www.joesandbox.com/js/webpush.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/css/cookieconsent.min.css?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/js/flow.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/css/exo2.css?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/img/only-available-in-cloudpro.png
104.26.11.56
 malicious
https://www.joesandbox.com/js/script.js?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/js/datetime-moment.js
104.26.11.56
 malicious
https://www.joesandbox.com/js/datatables.min.js
104.26.11.56
 malicious
https://www.joesandbox.com/img/ajax-loader.gif?v=2688
104.26.11.56
 malicious
https://www.joesandbox.com/img/submission-page-architectures-sprite-1.png
104.26.11.56
 malicious
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
104.16.80.73
https://stats.g.doubleclick.net/g/collect
unknown
http://stackoverflow.com/questions/21419404/setting-the-viewport-to-scale-to-fit-both-width-and-heig
unknown
http://www.apache.org/licenses/LICENSE-2.0.txt
unknown
https://github.com/flowjs/flow.js/issues/55
unknown
https://ampcid.google.com/v1/publisher:getClientId
unknown
https://promisesaplus.com/#point-75
unknown
https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
unknown
https://ga.getresponse.com/script/ga.js?grid=sBDcDWkVZdH4IBg%3D%3D
178.16.117.14
https://bugs.webkit.org/show_bug.cgi?id=29084
unknown
https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
unknown
https://www.google.com
unknown
https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
unknown
https://ga2.getresponse.com/index.php?ver=3&urlRef=https%3A%2F%2Fwww.joesandbox.com%2F&url=https%3A%2F%2Fwww.joesandbox.com%2Flogin&uid=%7B%22uuid%22%3A%22dff9788b-32c8-4ba1-96b8-9e7b76d00c17%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22joesandbox.com%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcDWkVZdH4IBg%3D%3D%22%5D%2C%222%22%3A%5B%22aid%22%2C%22bbe70657-5dac-4396-b75d-146e67858b78%22%5D%7D&h=10&m=29&s=40&res=1280x1024&gt_ms=655
178.16.117.14
https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
unknown
https://a.nel.cloudflare.com/report/v4?s=YTSpN%2BBU8do3Wxc0rAPwUHbXHJjLg3nPSJxI9MPFitt47VkNyxUL%2Bdeeh8xqqf6iGNkvvo95ho6OV29u6RKwFILamnPCdeS451pS9WEsWDPT%2F%2BNCuYOolFJWB9qPRp5gtxDxhg%3D%3D
35.190.80.1
https://bugzilla.mozilla.org/show_bug.cgi?id=687787
unknown
http://stackoverflow.com/questions/17654578/svg-marker-does-not-work-in-ie9-10
unknown
https://stats.g.doubleclick.net/j/collect
unknown
https://bugs.chromium.org/p/chromium/issues/detail?id=470258
unknown
http://momentjs.com)
unknown
https://bugs.jquery.com/ticket/13378
unknown
https://datatables.net/download
unknown
https://promisesaplus.com/#point-64
unknown
https://promisesaplus.com/#point-61
unknown
https://github.com/flowjs/ng-flow/issues/236#
unknown
https://html.spec.whatwg.org/#nonce-attributes
unknown
https://ga2.getresponse.com/index.php?ver=3&url=https%3A%2F%2Fwww.joesandbox.com%2F&uid=%7B%22uuid%22%3A%22dff9788b-32c8-4ba1-96b8-9e7b76d00c17%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22joesandbox.com%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcDWkVZdH4IBg%3D%3D%22%5D%2C%222%22%3A%5B%22aid%22%2C%22bbe70657-5dac-4396-b75d-146e67858b78%22%5D%7D&h=10&m=28&s=53&res=1280x1024&gt_ms=1377
178.16.117.14
https://jsperf.com/getall-vs-sizzle/2
unknown
https://cct.google/taggy/agent.js
unknown
https://github.com/teemualap/uniwheel
unknown
https://developer.mozilla.org/en-US/docs/CSS/display
unknown
https://jquery.com/
unknown
https://www.google.%/ads/ga-audiences
unknown
https://github.com/js-cookie/js-cookie
unknown
https://github.com/jquery/sizzle/pull/225
unknown
https://bugs.jquery.com/ticket/4833
unknown
https://sizzlejs.com/
unknown
https://bugs.chromium.org/p/chromium/issues/detail?id=449857
unknown
https://js.foundation/
unknown
https://bugs.jquery.com/ticket/13393
unknown
https://developer.mozilla.org/en-US/docs/Web/Reference/Events/wheel
unknown
https://bugs.webkit.org/show_bug.cgi?id=136851
unknown
https://jsperf.com/thor-indexof-vs-for/5
unknown
https://bugs.jquery.com/ticket/12359
unknown
http://stackoverflow.com/questions/2779600/how-to-estimate-download-time-remaining-accurately
unknown
https://github.com/ariutta/svg-pan-zoom/issues/62
unknown
https://html.spec.whatwg.org/#strip-and-collapse-whitespace
unknown
https://www.joesecurity.org/contact
unknown
https://drafts.csswg.org/cssom/#common-serializing-idioms
unknown
https://us-an.gr-cdn.com/
unknown
https://github.com/jquery/jquery/pull/557)
unknown
https://bugs.chromium.org/p/chromium/issues/detail?id=378607
unknown
https://ga2.getresponse.com/script/ga.js?grid=sBDcDWkVZdH4IBg%3D%3D
unknown
https://datatables.net/download/#dt/dt-1.13.6
unknown
https://developer.mozilla.org/en/using_files_from_web_applications)
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
https://drafts.csswg.org/cssom/#resolved-values
unknown
http://stackoverflow.com/questions/9847580/how-to-detect-safari-chrome-ie-firefox-and-opera-browser
unknown
https://bugs.chromium.org/p/chromium/issues/detail?id=589347
unknown
https://github.com/ariutta/svg-pan-zoom
unknown
https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
unknown
https://tagassistant.google.com/
unknown
https://a.nel.cloudflare.com/report/v4?s=%2BsFfUMm0o0lcKEuKbrrdQY%2BlxcmeZRbnAgu7R9aP1kNHkxeV%2BYEmPzB7ciQzeLgu%2BbTBNfmZAPCmtpvf8kbIM%2FjKhwoOmtw7CoeBgf7miOMEf9yXdDcDSA2%2FIevJkyc%2Buj1Elw%3D%3D
35.190.80.1
https://promisesaplus.com/#point-59
unknown
https://promisesaplus.com/#point-57
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
ga2.getresponse.com
178.16.117.14
cl-glbce66526.gcdn.co
92.223.124.62
a.nel.cloudflare.com
35.190.80.1
static.cloudflareinsights.com
104.16.80.73
ga.getresponse.com
178.16.117.14
www.joesandbox.com
172.67.73.202
www.google.com
216.58.206.36
fp2e7a.wpc.phicdn.net
192.229.221.95
us-an.gr-cdn.com
unknown

IPs

IP
Domain
Country
Malicious
172.67.73.202
www.joesandbox.com
United States
192.168.2.8
unknown
unknown
216.58.206.36
www.google.com
United States
104.16.80.73
static.cloudflareinsights.com
United States
104.26.11.56
unknown
United States
239.255.255.250
unknown
Reserved
92.223.124.62
cl-glbce66526.gcdn.co
Austria
35.190.80.1
a.nel.cloudflare.com
United States
178.16.117.14
ga2.getresponse.com
Poland

DOM / HTML

URL
Malicious
https://www.joesandbox.com/
https://www.joesandbox.com/
https://www.joesandbox.com/
https://www.joesandbox.com/login
https://www.joesandbox.com/login