Windows Analysis Report
paystub_11_24_2022.html

Overview

General Information

Sample Name: paystub_11_24_2022.html
Analysis ID: 756209
MD5: e1892a15eb3e631a1092656d70b4d153
SHA1: bb4fedcb1a78f24312d38b38614c67f3da01abe6
SHA256: 3a038932b8fca36ec5b47950e9d903c746b2430e313ccbec2e94a0919353077b

Detection

HTMLPhisher
Score: 64
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected HtmlPhish10
Yara detected HtmlPhish54
HTML document with suspicious title
Phishing site detected (based on image similarity)
None HTTPS page querying sensitive user data (password, username or email)
No HTML title found

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 6932 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\eyup\Desktop\paystub_11_24_2022.html MD5: 7BC7B4AEDC055BB02BCB52710132E9E1)
    • chrome.exe (PID: 2852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1804,i,15675935499722441086,6223138009730746946,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 7BC7B4AEDC055BB02BCB52710132E9E1)
  • cleanup
Source | Rule | Description | Author | Strings
84922.0.pages.csv | JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
84922.0.pages.csv | JoeSecurity_HtmlPhish_54 | Yara detected HtmlPhish_54 | Joe Security |

No Sigma rule has matched
No Snort rule has matched

      Phishing

      Source: Yara match, File source: 84922.0.pages.csv, type: HTML
      Source: file:///C:/Users/eyup/Desktop/paystub_11_24_2022.html, Matcher: Found strong image similarity, brand: Microsoft, image: 84922.0.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: file:///C:/Users/eyup/Desktop/paystub_11_24_2022.htmlMa