Windows Analysis Report https://technogenius.net/o365/access.php?cliente=277

Overview

General Information

Sample URL: https://technogenius.net/o365/access.php?cliente=277
Analysis ID: 528522

Detection

HTMLPhisher
Score: 92
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Multi AV Scanner detection for submitted file
Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Phishing site detected (based on logo template match)
No HTML title found
HTML body contains low number of good links
Suspicious form URL found

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 6764 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://technogenius.net/o365/access.php?cliente=277" MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 6968 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,18345374331447883427,8225487869075105273,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1912 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
Source: https://technogenius.net/o365/access.php?cliente=277 Avira URL Cloud: detection malicious, Label: phishing
Source: https://technogenius.net/o365/access.php?cliente=277 SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
Multi AV Scanner detection for submitted file
Source: https://technogenius.net/o365/access.php?cliente=277 Virustotal: Detection: 15%
Antivirus detection for URL or domain
Source: https://technogenius.net/o365/main.js Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/4H5AlEw.png/ Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/access.php?cliente=277#8 Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/4H5AlEw.png Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/access.php?cliente=277#Sign Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/main.jsN Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/access.php?cliente=2772 Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/favicon.ico Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/a.svg Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/access.php?cliente=277# Avira URL Cloud: Label: phishing
Source: https://technogenius.net/o365/access.php?cliente=277Sign Avira URL Cloud: Label: phishing
Multi AV Scanner detection for domain / URL
Source: https://technogenius.net/o365/access.php?cliente=277#8 Virustotal: Detection: 15%

Phishing:

Phishing site detected (based on favicon image match)
Source: https://technogenius.net/o365/access.php?cliente=277 Matcher: Template: microsoft matched with high similarity
Yara detected HtmlPhish10
Source: Yara match File source: 30509.0.pages.csv, type: HTML
Source: Yara match File source: 07755.1.pages.csv, type: HTML
Phishing site detected (based on logo template match)
Source: https://technogenius.net/o365/access.php?cliente=277 Matcher: Template: microsoft matched
Source: https://technogenius.net/o365/access.php?cliente=277 HTTP Parser: HTML title missing
Source: https://technogenius.net/o365/access.php?cliente=277 HTTP Parser: Number of links: 0
Source: https://technogenius.net/o365/access.php