479e35ec9e5fb0d36987bc9941b243a1b943ae20cb063b44b278b7adee4aa9df | Triage

Submit
Reports

Overview

overview

7

Static

static

526f1e6cf6...mp.exe

windows7_x64

1

526f1e6cf6...mp.exe

windows10_x64

7

Sharing

General

Target

526f1e6cf62c73b2f8e4c325c234bee6a2590de0.tmp
Size

12.2MB
Sample

211109-tdyxlafee3
MD5

3d59560cefc7bc7cd835d7cfa9e76615
SHA1

526f1e6cf62c73b2f8e4c325c234bee6a2590de0
SHA256

479e35ec9e5fb0d36987bc9941b243a1b943ae20cb063b44b278b7adee4aa9df
SHA512

9cf48a91d248abd437897ae71beeca2f11b27e4ae0f4ab7e04f5d147e8d6bc677b54ff71912f46fcf7134e5ad57cfc4d94126dd2df6a4b2d38b8b31e949b9593

Score

7^/10

microsoft phishing

Static task

static1

Behavioral task

behavioral1

Sample

526f1e6cf62c73b2f8e4c325c234bee6a2590de0.tmp.exe

Resource

win7-en-20211104

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

526f1e6cf62c73b2f8e4c325c234bee6a2590de0.tmp.exe

Resource

win10-en-20211014

microsoft phishing

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  526f1e6cf62c73b2f8e4c325c234bee6a2590de0.tmp
- Size
  
  12.2MB
- MD5
  
  3d59560cefc7bc7cd835d7cfa9e76615
- SHA1
  
  526f1e6cf62c73b2f8e4c325c234bee6a2590de0
- SHA256
  
  479e35ec9e5fb0d36987bc9941b243a1b943ae20cb063b44b278b7adee4aa9df
- SHA512
  
  9cf48a91d248abd437897ae71beeca2f11b27e4ae0f4ab7e04f5d147e8d6bc677b54ff71912f46fcf7134e5ad57cfc4d94126dd2df6a4b2d38b8b31e949b9593
Score

7^/10

microsoft phishing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftphishing

© 2018-2024

Terms | Privacy