Loading ...

Play interactive tourEdit tour

Analysis Report https://urldefense.com/jblocked?u=https:/covid19n5nc50cq0w5nfc500wrcdfdn.nyc3.cdn.digitaloceanspaces.com/index.html*RossLogistics.Procurement@ros.com&c=rossstores_2_hosted&sig=xNz2wqSyfC7BuocSXhbPxEY94BKVH5LRt084W97v3_g=

Overview

General Information

Sample URL:https://urldefense.com/jblocked?u=https:/covid19n5nc50cq0w5nfc500wrcdfdn.nyc3.cdn.digitaloceanspaces.com/index.html*RossLogistics.Procurement@ros.com&c=rossstores_2_hosted&sig=xNz2wqSyfC7BuocSXhbPxEY94BKVH5LRt084W97v3_g=
Analysis ID:338019

Most interesting Screenshot:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

URL contains potential PII (phishing indication)

Classification

Startup

  • System is w10x64
  • iexplore.exe (PID: 2432 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
    • iexplore.exe (PID: 5436 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2432 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.