HTML_PHISH.XTXB
PLATFORM:
Windows
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
File Size:
5,519 bytes
File Type:
HTML, HTM
Initial Samples Received Date:
16 Dec 2015
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Other Details
This Trojan connects to the following possibly malicious URL:
- http://{BLOCKED}r.com/wp/wp-content/uploads/2010/07/dhl_delivery_1.jpg
- http://www.{BLOCKED}batradeltd.net/pig/btn1.png
- http://www.{BLOCKED}batradeltd.net/pig/dhl.png
- http://www.{BLOCKED}batradeltd.net/excel/Scott/input.php
NOTES:
It opens up a fake website asking for personal account information of users.