Edit tour
Windows
Analysis Report
http://document--1111011111.company.com/
Overview
Detection
HTMLPhisher
Score: | 56 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Yara detected HtmlPhish20
Classification
- System is start
- chrome.exe (PID: 7668 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --enab le-automat ion --sin gle-argume nt http:// document-- 1111011111 .company.c om/ MD5: 74859601FB4BEEA84B40D874CCB56CAB) - chrome.exe (PID: 7404 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -field-tri al-handle= 1740,10588 1109855357 76619,1648 8514565616 499681,131 072 --lang =en-US --s ervice-san dbox-type= none --moj o-platform -channel-h andle=2108 /prefetch :8 MD5: 74859601FB4BEEA84B40D874CCB56CAB)
- cleanup
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_20 | Yara detected HtmlPhish_20 | Joe Security |
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | SlashNext: |
Phishing |
---|
Source: | File source: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |