General

  • Target: [external] Re_ Automatic payment via Credit Card successful.eml
  • Size: 359KB
  • Sample: 220930-te5rjaehhq
  • MD5: 43b96d94645cf214099f61dbf9b99a77
  • SHA1: 609078efcfe6cbfdf06572af4407dcfd6e92d622
  • SHA256: 24c4f94de545416dfd664bd6b545fd4264e73e6a998730e9e035c58e03d7c30f
  • SHA512: e6b941cb1d9c29bc602cb7da9525f2193b98c151cb19e47958bb938507538d06b347506d6d68f9fe0545852f8fcaf38a6b733dc8654b524a90fe57a4654ffd60
  • SSDEEP: 6144:UTx3bnsBQscikDtjj490vUo72quVbg5bLGZfk0ZA/8NcXoCWQwe7W1vo57:UTx3bnsBQscigtH4XKi0mvA8Mwe78e

Score: 6/10

Targets

    • Target: [external] Re_ Automatic payment via Credit Card successful.eml
    • Size: 359KB
    • MD5: 43b96d94645cf214099f61dbf9b99a77
    • SHA1: 609078efcfe6cbfdf06572af4407dcfd6e92d622
    • SHA256: 24c4f94de545416dfd664bd6b545fd4264e73e6a998730e9e035c58e03d7c30f
    • SHA512: e6b941cb1d9c29bc602cb7da9525f2193b98c151cb19e47958bb938507538d06b347506d6d68f9fe0545852f8fcaf38a6b733dc8654b524a90fe57a4654ffd60
    • SSDEEP: 6144:UTx3bnsBQscikDtjj490vUo72quVbg5bLGZfk0ZA/8NcXoCWQwe7W1vo57:UTx3bnsBQscigtH4XKi0mvA8Mwe78e
    • Score: 6/10
    • Accesses Microsoft Outlook profiles
    • Drops file in System32 directory

    • Target: email-html-2.txt
    • Size: 21KB
    • MD5: bd66c4e8ee943d16ac4345314ad090b0
    • SHA1: 43fb7f2c3cdf2aefc2cb7312d878e8313c7d1e86
    • SHA256: 710fb3cf81042fd772abeda1b0e7cefd1360703c38d60341f8e66598d8802b29
    • SHA512: 479645ce2ac2675c72aadd0c5a813c4131d79b1c6a86066d1bf6dfa199a0ec2d49827ff00a96eddbe5a6b2a6ee927cc40adfb5574d02c9e46d9fb3deea9816be
    • SSDEEP: 384:w8ee1VlgzenAxFTRJRUuAN01XXgyve9g38s9gXRONO11zE3IG8f5Nu9Uer92Dv8C:w8eecjcfFXFG8DW2Dhfy5Cp5r6jc5cy
    • Score: 1/10

    • Target: email-html-3.txt
    • Size: 59KB
    • MD5: 0d270a232500045b2d686cb0e619727c
    • SHA1: 0724f5edba3a8f830212d91cf6845249c370d70a
    • SHA256: 8462747cb460e25af72c1918954c264e9d03f79830b886e09ee2952d8ced6ec6
    • SHA512: 2cfb89602ad3b57142f575a9fb30be3133b46c98c41ac5f8df39664becc8a48b47f163391b6c0ab741de062204520b40a97ec5e0c169f64da344dad4a05d86cc
    • SSDEEP: 1536:c4RCamTmtTr3DYUY7gmmQITIfveZ/J5XhlSTeTqVLRbi6IT2CfOzzlNwaTf2/5zv:3
    • Score: 1/10

    • Target: email-plain-1.txt
    • Size: 4KB
    • MD5: 4db029f6541dff1ce900b3a1f60093cd
    • SHA1: 8420f0ab1edffad4265d257a911abee054d79186
    • SHA256: 431c4b54cd304428be84231dc495a50362584461fe7f5b53fc221a7d79805bd1
    • SHA512: 182c06f7f68896ed34287f62ea76594a687cb17927a812a7e6f8746426855f6b44c7c56108747b8a932eaa53b5c4ecb8ad8b198f7b167da2f09f779c8179d81b
    • SSDEEP: 96:iZQxYT/wzKR4eXOD4ds9gcFTTt14nSKO/zFKRAXdD4Ls9gcNfLx:iZQxC/wmR4eeD4ds9gwB14SDzkRAtD4g
    • Score: 1/10

    • Target: image001.png
    • Size: 106KB
    • MD5: b2bd78ba51b2d54b2d3a9bd969e9bee8
    • SHA1: a8858f359b53a53a07c25d0718a044f8ccb74a72
    • SHA256: 8f2ad90bf07789079ddaa8a9089c3213d32c71d093588188e95f8d724aeb4d97
    • SHA512: 84cfac8f5def0091cd98c7b8677c1fc87e107e8a65550129043a9108a3e65d097946b634f74e5b1628730c62b5944b70f5c65f16552a7bb7e73e900ad4f8021f
    • SSDEEP: 1536:WLGtLn89ewUlb1mJb1Cy60a7NqZaVGDg8ZqKg4oz3wqIfsWsPBWpHGyKrPA+Utg:LtY/Jb1wNqZW2R7ozAq2swjqwg
    • Score: 3/10

    • Target: image002.png
    • Size: 7KB
    • MD5: 7e1d6233c93755d30067179b66d4642a
    • SHA1: ac68587bd8dbf7219772356cde14503231792e19
    • SHA256: c588ed0a04689e52654c9f82754d787373b05e6cf715c24d551d91d6befb2075
    • SHA512: a8a3bac6841b56564cf0fc7db602ba93f98fa5a4c25fb5eb51a9c2ddcf0af7e5600e5ce81d8e9fed667edc6497ce6212f469343fb75558ebedca3e59aaad0da4
    • SSDEEP: 192:8nnHNsMzDCrqxSf4zZucgah4xNU8uYeEfLKi7d:8nHkPC4xNU8mQLzx
    • Score: 3/10

    • Target: image003.png
    • Size: 33KB
    • MD5: 29694f85203bac52a86715bc04313490
    • SHA1: 4607745697f441363c5a3c0aaa80fa0f46a736d0
    • SHA256: 11020355e65d1ab9fcc370d4b36342ab60bd64735ab93a8d5fb1fac8b8b9e779
    • SHA512: a9e9f1d0db7d2b1bae7f9fcec8175dfac926ca450cc4ee357154e7fadb2cc3205d30815e98f1c4ba6948bb206e6226e18d3e9d647d0b01c6a2842f7bd0f843bf
    • SSDEEP: 768:tVuj5FbTeBut2bR3DOCpUld/SIxV59el4xro1WAr8Nvdy5GgEbhhK:tMYBut2bJPmdxV5OurEYs0gCrK
    • Score: 3/10

    • Target: image004.png
    • Size: 12KB
    • MD5: d85557cff61bc277a36dad84c7f46b53
    • SHA1: 520acb1879afc4da556d229a24e70c911167db95
    • SHA256: 11bd490117d116df754df048a31c3c1f200d19009d9491a22ef8b3ae5fe1ced4
    • SHA512: 3469574928db4778f682d30c33a59c32206504c59dd2907407b1cb0da2a12758a194b6c236908e2ffad820a25416bab0fa38621dae8861baab38b7f194a638f4
    • SSDEEP: 384:iEB4LuGxHCh1aTSGqGZPFWkNNF4J/cAdqmaU7W:iE7kHckz9NWANgBW
    • Score: 3/10

    • Target: image005.png
    • Size: 12KB
    • MD5: e8356426fba09e20195964180d4a116d
    • SHA1: 2a08962abeff4d97346bceb5815f5375a8385d30
    • SHA256: a260d43f8ecc63e9ea6182a74cf4dbf2d9ca500f80bcc4b4ba93b44329333a59
    • SHA512: a418207285bc47c8e19c84f1c479ba9286c41a8ddcef34fd346b19bd1405b181a60068964ed925cbdb9400a86921f5a945e63ad77e69932647b178957dbf72eb
    • SSDEEP: 192:SMu9WknHqu7vHUFR48zGaey+V3t3iKKnxC/QHUFOJKiZ57BbxuiUHYZGjN:NuokKu7HUFR4Fatcd3VjOUIAiZbbQ
    • Score: 5/10
    • Drops file in System32 directory

    • Target: image006.png
    • Size: 12KB
    • MD5: a346a4e2f7efea0ff1fd9019bb4b5f86
    • SHA1: 73a64ccc7f728e5ea3d45bfb295a4215a61aa594
    • SHA256: 6ed938cc280fedb30723b4088a4cdf7f6654ac2c8edce93c777f7191dec88ce5
    • SHA512: 89273e55db8c9fe45a62560d291cf49174b1359e505b9e740817b9ca75e1c081b8edb2d9ed57d3a1f509005cb8cabec88fac991a28f824f11a638b1a1847e01b
    • SSDEEP: 384:sRCnFegcd8xR6XTqoOhDTZN6yqagw9GnKtBLT2:sRhgcd8+oT+QMUT2
    • Score: 3/10

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic             Technique                       Count  ID
  Defense Evasion    Modify Registry                 1      T1112
  Discovery          System Information Discovery    9      T1082
  Discovery          Query Registry                  2      T1012
  Collection         Email Collection                1      T1114