HTML_DELPHISH.A
JS/Phish (AVG); HTML/Phishing (AhnLab-V3); JS/Phish.QXZ!tr (Fortinet); JS.Phish (Ikarus)
Windows
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user accesses the said website.
However, as of this writing, the said sites are inaccessible.
TECHNICAL DETAILS
54,199 bytes
HTML, HTM
27 Sep 2015
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It may be hosted on a website and run when a user accesses the said website.
Other Details
This Trojan connects to the following possibly malicious URL:
- http://{BLOCKED}u.in/Dh/dhldelivery/dhl/login.php
However, as of this writing, the said sites are inaccessible.