Score: | 72 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Phishing: |
---|
Phishing site detected (based on favicon image match) |
Source: |
Matcher: |
Yara detected HtmlPhish_10 |
Source: |
File source: |
Yara detected obfuscated html page |
Source: |
File source: |
Phishing site detected (based on logo template match) |
Source: |
Matcher: |
HTML title does not match URL |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Invalid 'forgot password' link found |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
None HTTPS page querying sensitive user data (password, username or email) |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Source: |
HTTP Parser: |
||
Source: |
HTTP Parser: |
Compliance: |
---|
Uses new MSVCR Dlls |
Source: |
File opened: |
Jump to behavior |
Uses secure TLS version for HTTPS connections |
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
Networking: |
---|
IP address seen in connection with other malware |
Source: |
IP Address: |
||
Source: |
IP Address: |
||
Source: |
IP Address: |
JA3 SSL client fingerprint seen in connection with other malware |
Source: |
JA3 fingerprint: |
||
Source: |
JA3 fingerprint: |
Source: |
String found in binary or memory: |