Windows
Analysis Report
https://share.mindmanager.com/#publish/mnPTcUqLfLnU6HRHMb6xC3qXYGZYU6tmBtOy3sS6
Overview
General Information
Detection
HTMLPhisher
Score: | 68 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
AI detected phishing page
Yara detected HtmlPhish10
Phishing site detected (based on image similarity)
Phishing site detected (based on shot match)
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden URLs or javascript code
HTML title does not match URL
Invalid T&C link found
Stores files to the Windows start menu directory
Classification
- System is w10x64_ra
chrome.exe (PID: 5748 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t https:// share.mind manager.co m/#publish /mnPTcUqLf LnU6HRHMb6 xC3qXYGZYU 6tmBtOy3sS 6 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA) chrome.exe (PID: 5700 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2184 --fi eld-trial- handle=196 0,i,197596 6168969992 740,161742 0631890092 2862,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security | ||
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
Phishing |
---|
Source: | LLM: |
Source: | File source: | ||
Source: | File source: |
Source: | Matcher: |
Source: | Matcher: | ||
Source: | Matcher: | ||
Source: | Matcher: |
Source: | HTTP Parser: |