
Windows Analysis Report https://dn6orrtz.sibpages.com/

Overview

General Information

Sample URL: https://dn6orrtz.sibpages.com/
Analysis ID: 553037

Detection

HTMLPhisher
Score: 68
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected HtmlPhish10
Antivirus detection for URL or domain
Phishing site detected (based on logo template match)
No HTML title found
HTML body contains low number of good links
Suspicious form URL found

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3028 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://dn6orrtz.sibpages.com/ MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 1768 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1528,17591449162204269841,17934805484148476243,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1904 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

Source | Rule | Description | Author | Strings
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 | JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |

    Sigma Overview

    No Sigma rule has matched

    Jbx Signature Overview

    AV Detection:

    Antivirus / Scanner detection for submitted sample
    Source: https://dn6orrtz.sibpages.com/ SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
    Antivirus detection for URL or domain
    Source: https://garythegreatesthypnotist.com/CD/One-File/ SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

    Phishing: