Windows
Analysis Report
ATT78490.html
Overview
General Information
Detection
Score: 76
Range: 0 - 100
Whitelisted: false
Confidence: 100%
Signatures
AI detected phishing page
HTML file submission requesting Cloudflare captcha challenge
AI detected suspicious Javascript
Call-Chain indicates evasion measures
HTML IFrame injector detected
HTML Script injector detected
HTML root dynamically written
Dynamic code execution using eval()
IP address seen in connection with other malware
Script element or tag injection
Classification
- System is w10x64_ra
- chrome.exe (PID: 6784 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\ATT78490.html MD5: B6CB00FCB81D3B66870817AEBE7163BB)
- chrome.exe (PID: 3008 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=1952 --field-trial-handle=1988,i,8901826950356033275,2384654122980691143,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: B6CB00FCB81D3B66870817AEBE7163BB)
- cleanup
⊘ No configs have been found
⊘ No yara matches
⊘ No Sigma rule has matched
⊘ No Suricata rule has matched
- Phishing
- Networking
- System Summary
- Data Obfuscation