hxxps://ntintegratedtherapycomau-my[.]sharepoint[.]com/[:]f[:]/g/personal/camilla_ntintegratedtherapy_com_au/ErItCTzuCm5Gte3g8pH5Y2UBTfMMS_dSAjP8_DqvaWx5_g?e=FeZT3E | Triage

Submit
Reports

Overview

overview

8

Static

static

URLScan

urlscan

1

https://ntintegrated...

windows7-x64

1

https://ntintegrated...

windows10-2004-x64

8

Sharing

General

Target

https://ntintegratedtherapycomau-my.sharepoint.com/:f:/g/personal/camilla_ntintegratedtherapy_com_au/ErItCTzuCm5Gte3g8pH5Y2UBTfMMS_dSAjP8_DqvaWx5_g?e=FeZT3E
Sample

221122-e25ygsab96

Score

8^/10

microsoft persistence phishing

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://ntintegratedtherapycomau-my.sharepoint.com/:f:/g/personal/camilla_ntintegratedtherapy_com_au/ErItCTzuCm5Gte3g8pH5Y2UBTfMMS_dSAjP8_DqvaWx5_g?e=FeZT3E

Resource

win7-20221111-en

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

https://ntintegratedtherapycomau-my.sharepoint.com/:f:/g/personal/camilla_ntintegratedtherapy_com_au/ErItCTzuCm5Gte3g8pH5Y2UBTfMMS_dSAjP8_DqvaWx5_g?e=FeZT3E

Resource

win10v2004-20221111-en

microsoft persistence phishing

windows10-2004-x64

14 signatures

300 seconds

Malware Config

Targets

- Target
  
  https://ntintegratedtherapycomau-my.sharepoint.com/:f:/g/personal/camilla_ntintegratedtherapy_com_au/ErItCTzuCm5Gte3g8pH5Y2UBTfMMS_dSAjP8_DqvaWx5_g?e=FeZT3E
Score

8^/10

microsoft persistence phishing
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

urlscan1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy