Windows Analysis Report https://gios.co.in/dalube

Overview

General Information

Sample URL: https://gios.co.in/dalube
Analysis ID: 452574

Detection

HTMLPhisher
Score: 68
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Yara detected HtmlPhish10
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
Suspicious form URL found

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5512 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://gios.co.in/dalube' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 984 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,162524958323097783,14263672154630043900,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1832 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
Source: https://gios.co.in/dalube, SlashNext: detection malicious, Label: Fake Login Page, type: Phishing & Social Engineering
Antivirus detection for URL or domain
Source: https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1Eq5B6Rl1vAteD2XLcZ1aB67F3mcRTLSXXMDf4RFk, SlashNext: Label: Fake Login Page, type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10
Source: Yara match, File source: 25855.pages.csv, type: HTML
Phishing site detected (based on logo template match)
Source: https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1Eq5B6Rl1vAteD2XLcZ1aB67F3mcRTLSXXMDf4RFk