Score: | 56 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Phishing: |
---|
Yara detected HtmlPhish_6 |
Source: |
File source: |
||
Source: |
File source: |
Phishing site detected (based on image similarity) |
Source: |
Matcher: |
Jump to dropped file |
HTML body contains low number of good links |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
HTML title does not match URL |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Invalid T&C link found |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
None HTTPS page querying sensitive user data (password, username or email) |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Suspicious form URL found |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Source: |
File opened: |
Jump to behavior |
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
Networking: |
---|
IP address seen in connection with other malware |
Source: |
IP Address: |
||
Source: |
IP Address: |
||
Source: |
IP Address: |
||
Source: |
IP Address: |
JA3 SSL client fingerprint seen in connection with other malware |
Source: |
JA3 fingerprint: |
Source: |
HTTP traffic detected: |