Analysis Report https://u.pcloud.com/track?url=aHR0cHM6Ly90cmFuc2Zlci5wY2xvdWQuY29tL2Rvd25sb2FkLmh0bWw/Y29kZT01WllLcjlYWmw1VXQwYWdrMWVIWjlTaHFaaWZtbDNwNFV2Y2thWTZmOTRYeTg2VkdwNUFtayM=&token=j7yZZ7ZFkZrwc0kENluc4wtObKMPkdF8xn5b07

Overview

General Information

Sample URL:	https://u.pcloud.com/track?url=aHR0cHM6Ly90cmFuc2Zlci5wY2xvdWQuY29tL2Rvd25sb2FkLmh0bWw/Y29kZT01WllLcjlYWmw1VXQwYWdrMWVIWjlTaHFaaWZtbDNwNFV2Y2thWTZmOTRYeTg2VkdwNUFtayM=&token=j7yZZ7ZFkZrwc0kENluc4wtObKMPkdF8xn5b07
Analysis ID:	431590
Infos:
Most interesting Screenshot:

Detection

Score:	21
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Phishing site detected (based on logo template match)

Found iframes

HTML title does not match URL

Classification

Process Tree

System is w10x64

iexplore.exe (PID: 5892 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 5936 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5892 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

iexplore.exe (PID: 3508 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5892 CREDAT:17424 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

Phishing:

Phishing site detected (based on logo template match)

Show sources

Source: https://my.pcloud.com/#page=login

Matcher: Template: apple matched

Source: https://www.pcloud.com/terms_and_conditions.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default767656&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/terms_and_conditions.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fterms_and_conditions.html&title=pCloud%20-%20Terms%20and%20Conditions&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/terms_and_conditions.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default767656&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/terms_and_conditions.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fterms_and_conditions.html&title=pCloud%20-%20Terms%20and%20Conditions&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/privacy_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default32644&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/privacy_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fprivacy_policy.html&title=pCloud%20-%20Privacy%20Policy&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/privacy_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default32644&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/privacy_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fprivacy_policy.html&title=pCloud%20-%20Privacy%20Policy&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default346978&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html%3Fperiod%3Dlifetime&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html%3Fperiod%3Dlifetime&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default346978&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html%3Fperiod%3Dlifetime&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html%3Fperiod%3Dlifetime&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/int_pr_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default274673&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/int_pr_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fint_pr_policy.html&title=pCloud%20-%20Intellectual%20Property&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/int_pr_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default274673&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/int_pr_policy.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fint_pr_policy.html&title=pCloud%20-%20Intellectual%20Property&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default228658&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.pcloud.com&stripe_xdm_c=default228658&stripe_xdm_p=1#__stripe_transport__
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://www.pcloud.com/cloud-storage-pricing-plans.html	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html#url=https%3A%2F%2Fwww.pcloud.com%2Fcloud-storage-pricing-plans.html&title=pCloud%20-%20Best%20Cloud%20Storage%20Pricing%20%26%20Cost%20Plans&referrer=&muid=NA&sid=NA&version=6&preview=false

Source: https://transfer.pcloud.com/	HTTP Parser: Title: Send large files up to 5GB for free does not match URL
Source: https://transfer.pcloud.com/	HTTP Parser: Title: Send large files up to 5GB for free does not match URL
Source: https://transfer.pcloud.com/download.html?code=5ZYKr9XZl5Ut0agk1eHZ9ShqZifml3p4UvckaY6f94Xy86VGp5Amk&label=Transfer%20-%20files%20sent%20%28to%20sender%29#	HTTP Parser: Title: Send large files up to 5GB for free does not match URL
Source: https://transfer.pcloud.com/download.html?code=5ZYKr9XZl5Ut0agk1eHZ9ShqZifml3p4UvckaY6f94Xy86VGp5Amk&label=Transfer%20-%20files%20sent%20%28to%20sender%29#	HTTP Parser: Title: Send large files u

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://u.pcloud.com/track?url=aHR0cHM6Ly90cmFuc2Zlci5wY2xvdWQuY29tL2Rvd25sb2FkLmh0bWw/Y29kZT01WllLcjlYWmw1VXQwYWdrMWVIWjlTaHFaaWZtbDNwNFV2Y2thWTZmOTRYeTg2VkdwNUFtayM=&token=j7yZZ7ZFkZrwc0kENluc4wtObKMPkdF8xn5b07

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Phishing: