Trojan.HTML.PHISH.QURAAOOIIK
January 14, 2022
ALIASES:
HTML/Phishing.Gen trojan (NOD32)
PLATFORM:
Windows
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:
Threat Type: Trojan
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
File Size:
46,763 bytes
File Type:
HTML, HTM
Memory Resident:
No
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Other Details
This Trojan connects to the following possibly malicious URL:
- https://{BLOCKED}palkatreszek.hu/wp-includes/blocks/audio/reportpdfpurchase.php
It does the following:
- It disguises as a form to open a PDF document.