Edit tour
Windows
Analysis Report
securedoc_20250414T103717.html
Overview
General Information
| Sample name: | securedoc_20250414T103717.html |
| Analysis ID: | 1664742 |
| MD5: | c4432d1b1bd231cdeb511e47d17b087c |
| SHA1: | 9c8782462a5136458d5c505b224fa17291012ce5 |
| SHA256: | f131edaa4a186173277acfcc58cf5507f728b36ac2dabe7fabe0a5de3e67fff3 |
| Infos: | |
 | |
Detection
| Score: | 60 |
| Range: | 0 - 100 |
| Confidence: | 100% |
Signatures
AI detected phishing page
AI detected suspicious Javascript
HTML file submission containing password form
Suspicious Javascript code found in HTML file
Detected hidden input values containing email addresses (often used in phishing pages)
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML title does not match URL
HTTP GET or POST without a user agent
IP address seen in connection with other malware
None HTTPS page querying sensitive user data (password, username or email)
Classification
- System is w10x64
chrome.exe (PID: 6316 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --s tart-maxim ized "abou t:blank" MD5: E81F54E6C1129887AEA47E7D092680BF) - chrome.exe (PID: 6668 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --no-pre-r ead-main-d ll --field -trial-han dle=2312,i ,143265973 2085035326 0,61287718 6176157903 7,262144 - -disable-f eatures=Op timization GuideModel Downloadin g,Optimiza tionHints, Optimizati onHintsFet ching,Opti mizationTa rgetPredic tion --var iations-se ed-version =20250306- 183004.429 000 --mojo -platform- channel-ha ndle=2332 /prefetch: 3 MD5: E81F54E6C1129887AEA47E7D092680BF)
- chrome.exe (PID: 7216 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "C:\ Users\user \Desktop\s ecuredoc_2 0250414T10 3717.html" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
- • Phishing
- • Compliance
- • Networking
- • System Summary
- • Stealing of Sensitive Information
Click to jump to signature section
Show All Signature Results
Phishing |   |
|---|
| Source: | Joe Sandbox AI: | ||
| Source: | Joe Sandbox AI: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTP traffic detected: | ||