Windows
Analysis Report
http://cubes.concordia.ca/track?type=click&enid=bWFpbGluZ2lkPTM2MjMmbWVzc2FnZWlkPTQxMjEmZGF0YWJhc2VpZD05MDEmc2VyaWFsPTEyNzU1MDM1NzUmZW1haWxpZD13YXJpZXN0NTkzMzgud2Vla2x5bWFpbEBibG9nZ2VyLmNvbSZ1c2VyaWQ9NDcxJmZsPSZleHRyYT1NdWx0aXZhcmlhdGVJZD0mJiY=&&&2028&&&http://gbmaucstans.com/?ddg5B=ZnJhbmNvaXMuYm91
Overview
General Information
Detection
| Field | Value |
|---|---|
| Score | 68 |
| Range | 0 - 100 |
| Whitelisted | false |
| Confidence | 100% |
Signatures
- Antivirus / Scanner detection for submitted sample
- Multi AV Scanner detection for domain / URL
- Phishing site detected (based on favicon image match)
- Phishing site detected (based on image similarity)
- HTML body contains low number of good links
- HTML body contains password input but no form action
- HTML page contains hidden URLs or javascript code
- HTML title does not match URL
- None HTTPS page querying sensitive user data (password, username or email)
- Phishing site detected (based on OCR NLP Model)
- Stores files to the Windows start menu directory
- Uses insecure TLS / SSL version for HTTPS connection
Classification
- System is w10x64
- chrome.exe (PID: 6980 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5528 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2568 --field-trial-handle=2540,i,10552630930107338584,18205451540120361499,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://cubes.concordia.ca/track?type=click&enid=bWFpbGluZ2lkPTM2MjMmbWVzc2FnZWlkPTQxMjEmZGF0YWJhc2VpZD05MDEmc2VyaWFsPTEyNzU1MDM1NzUmZW1haWxpZD13YXJpZXN0NTkzMzgud2Vla2x5bWFpbEBibG9nZ2VyLmNvbSZ1c2VyaWQ9NDcxJmZsPSZleHRyYT1NdWx0aXZhcmlhdGVJZD0mJiY=&&&2028&&&http://gbmaucstans.com/?ddg5B=ZnJhbmNvaXMuYm91bGFuZ2VyQGNnaS5jb20=" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
- No configs have been found
- No yara matches
- No Sigma rule has matched
- No Snort rule has matched
AV Detection
- Source: SlashNext
- Source: Virustotal

Phishing
- Source: Matcher
- Source: