ae636de9b33c5f5d977ad9bb9fb24e83b077fc68eeb0297456792da762a08d41 | Triage

Submit
Reports

Overview

overview

7

Static

static

WAXE8BB.tmp.exe

windows7_x64

1

WAXE8BB.tmp.exe

windows10_x64

7

Sharing

General

Target

WAXE8BB.tmp
Size

8.5MB
Sample

211007-np1bxaccc9
MD5

3bb9fab5db7a39bb92fea50b1e5847e0
SHA1

0c77af1d4fabfba73faf990d7d2384e7f96c61b0
SHA256

ae636de9b33c5f5d977ad9bb9fb24e83b077fc68eeb0297456792da762a08d41
SHA512

a3cde6738018db98372ebcbde0f3816621aa16a21b28223baa94a1053865b6e026422cf92709ab9c751aaf4799fabf783feedbb0d78d4990f4a14a6cb17dc307

Score

7^/10

microsoft phishing

Static task

static1

Behavioral task

behavioral1

Sample

WAXE8BB.tmp.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

WAXE8BB.tmp.exe

Resource

win10v20210408

microsoft phishing

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  WAXE8BB.tmp
- Size
  
  8.5MB
- MD5
  
  3bb9fab5db7a39bb92fea50b1e5847e0
- SHA1
  
  0c77af1d4fabfba73faf990d7d2384e7f96c61b0
- SHA256
  
  ae636de9b33c5f5d977ad9bb9fb24e83b077fc68eeb0297456792da762a08d41
- SHA512
  
  a3cde6738018db98372ebcbde0f3816621aa16a21b28223baa94a1053865b6e026422cf92709ab9c751aaf4799fabf783feedbb0d78d4990f4a14a6cb17dc307
Score

7^/10

microsoft phishing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftphishing

© 2018-2024

Terms | Privacy