Windows Analysis Report
test@barclays.com.html

Overview

General Information

Sample Name: test@barclays.com.html
Analysis ID: 655625
MD5: 3ff5b2d36016905e595efd4a6793c17e
SHA1: ee9774db8ab8b5b156c7ea7933031825d930071e
SHA256: c786576470e647e9d098001c6a748c17277cc4cf6c2209ce7e4712baff2490dd
Infos:

Detection

HTMLPhisher
Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected HtmlPhish44
HTML body contains low number of good links
None HTTPS page querying sensitive user data (password, username or email)
No HTML title found

Classification

Phishing

barindex
Source: Yara match File source: test@barclays.com.html, type: SAMPLE
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: Number of links: 0
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: Number of links: 0
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: Has password / email / username input fields
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: Has password / email / username input fields
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: HTML title missing
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: HTML title missing
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/alfredo/Desktop/test@barclays.com.html HTTP Parser: No <meta name="copyright".. found
Source: chrome.exe Memory has grown: Private usage: 6MB later: 22MB
Source: unknown DNS traffic detected: queries for: code.jquery.com
Source: unknown Network traffic detected: HTTP traffic on port 52163 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 58013 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 65224 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53161 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53161
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 58013
Source: unknown Network traffic detected: HTTP traffic on port 63576 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57586
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 52163
Source: unknown Network traffic detected: HTTP traffic on port 57586 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 65224
Source: unknown Network traffic detected: HTTP traffic on port 65069 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 65069
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63576
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.212.131
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.212.131
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.212.131
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.212.131
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.212.131
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 172.217.23.99
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.212.131
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.212.131
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\alfredo\AppData\Local\Temp\e6b0db7b-9f08-487a-a9ef-699c08b3ce7f.tmp
Source: classification engine Classification label: mal48.phis.winHTML@21/144@8/108
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument C:\Users\alfredo\Desktop\test@barclays.com.html
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1708,15171800579801753561,3977679138883550371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1708,15171800579801753561,3977679138883550371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62BF39F8-1BC4.pma
Source: Window Recorder Window detected: More than 3 window changes detected