Overview

overview

10

Static

static

URLScan

urlscan

10

http://recp.mkt91.ne...

windows10_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    http://recp.mkt91.net/ctt?m=804040&r=Njg0NjYxMDU1NQS2&b=0&j=NjAwMDczOTg3S0&k=NCLogo&kx=1&kt=12&kd=https://0bhmf.csb.app#scyrus@evolenthealth.com

  • Sample

    210122-gyf84k1sxs

Score
10/10
genericmicrosoftphishingransomware

Malware Config

Targets

    • Target

      http://recp.mkt91.net/ctt?m=804040&r=Njg0NjYxMDU1NQS2&b=0&j=NjAwMDczOTg3S0&k=NCLogo&kx=1&kt=12&kd=https://0bhmf.csb.app#scyrus@evolenthealth.com

    Score
    6/10
    ransomware

    • JavaScript code in executable

    • Program crash

    • Enumerates physical storage devices

      Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

      ransomware
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks