c7e0c721799b060365baffbdea91c83b3e90e76694488f706338d61b80814eb1 | Triage

Submit
Reports

Overview

overview

Static

static

Order numb...).html

windows10_x64

Sharing

General

Target

Order number 4192 (Account Invoice 1681_00001849).msg
Size

109KB
Sample

211025-hs6efagfek
MD5

f9861f2456317bc0785e12e7454c1f3b
SHA1

f1e817eb328f50b86282a0090b028176d9c28d18
SHA256

c7e0c721799b060365baffbdea91c83b3e90e76694488f706338d61b80814eb1
SHA512

0f12a4daa127f181e7184f2404048772b6cf3b38677c9155a9f815ad66c98970fd42450d31b66037593efa05bbbd33b1a0ad3094535453020b658be39ae75df5

Score

10^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

Order number 4192 (Account Invoice 168100001849).html

Resource

win10-de-20211014

microsoft persistence phishing

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Order number 4192 (Account Invoice 168100001849).html
- Size
  
  5KB
- MD5
  
  ce95e62ba83415bc28b21711e98baa13
- SHA1
  
  29f9bd33074e201af10119b52797f61dbf50347e
- SHA256
  
  4c059d9876c3e0ab630bbf69f3fb3d55bad17819ffa59c1636b280218bc65acc
- SHA512
  
  0b440b0963f738142bb20e96aac24ccf0606acb09b1f24bedfb1d37e94690163e90222424060f8837b5364521ce8622e07a9ca14eed87d047e61614a70d275e4
Score

10^/10

microsoft persistence phishing
- Registers COM server for autorun
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

microsoftpersistencephishing

© 2018-2024

Terms | Privacy