Edit tour
Windows
Analysis Report
http://document--1111011111.company.com/
Overview
General Information
| Sample URL: | http://document--1111011111.company.com/ |
| Analysis ID: | 635117 |
| Infos: | |
 | |
Detection
HTMLPhisher
| Score: | 56 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Yara detected HtmlPhish20
Classification
- System is start
chrome.exe (PID: 7668 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --enab le-automat ion --sin gle-argume nt http:// document-- 1111011111 .company.c om/ MD5: 74859601FB4BEEA84B40D874CCB56CAB) - chrome.exe (PID: 7404 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -field-tri al-handle= 1740,10588 1109855357 76619,1648 8514565616 499681,131 072 --lang =en-US --s ervice-san dbox-type= none --moj o-platform -channel-h andle=2108 /prefetch :8 MD5: 74859601FB4BEEA84B40D874CCB56CAB)
- cleanup
⊘No configs have been found
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_HtmlPhish_20 | Yara detected HtmlPhish_20 | Joe Security |
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | SlashNext: | ||
Phishing | |
|---|
| Source: | File source: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||