Analysis Report http://www.ztzusl.vibz.co.uk./#jrschnell.com.br/site/z1/bGFtQHNwYXJub3JkLmRr

Overview

General Information

Sample URL: http://www.ztzusl.vibz.co.uk./#jrschnell.com.br/site/z1/bGFtQHNwYXJub3JkLmRr
Analysis ID: 383856

Detection

HTMLPhisher
Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected HtmlPhish10
Phishing site detected (based on image similarity)
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
Invalid 'forgot password' link found

Classification

Startup

  • System is w10x64
  • chrome.exe (PID: 3880 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://www.ztzusl.vibz.co.uk./#jrschnell.com.br/site/z1/bGFtQHNwYXJub3JkLmRr' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 5856 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,11347640063778282216,12771895532885012560,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1688 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Phishing:
