Edit tour
Windows
Analysis Report
paystub_11_24_2022.html
Overview
General Information
| Sample Name: | paystub_11_24_2022.html |
| Analysis ID: | 756209 |
| MD5: | e1892a15eb3e631a1092656d70b4d153 |
| SHA1: | bb4fedcb1a78f24312d38b38614c67f3da01abe6 |
| SHA256: | 3a038932b8fca36ec5b47950e9d903c746b2430e313ccbec2e94a0919353077b |
 | |
Detection
HTMLPhisher
| Score: | 64 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Yara detected HtmlPhish10
Yara detected HtmlPhish54
HTML document with suspicious title
Phishing site detected (based on image similarity)
None HTTPS page querying sensitive user data (password, username or email)
No HTML title found
Classification
- System is w10x64_ra
chrome.exe (PID: 6932 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t C:\Users \eyup\Desk top\paystu b_11_24_20 22.html MD5: 7BC7B4AEDC055BB02BCB52710132E9E1) - chrome.exe (PID: 2852 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2040 --fi eld-trial- handle=180 4,i,156759 3549972244 1086,62231 3800973074 6946,13107 2 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationTarge tPredictio n /prefetc h:8 MD5: 7BC7B4AEDC055BB02BCB52710132E9E1)
- cleanup
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | ||
| JoeSecurity_HtmlPhish_54 | Yara detected HtmlPhish_54 | Joe Security |
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
Phishing |   |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Matcher: | ||
| Source: | Matcher: | ||
| Source: | Ma | ||