31a68ed6b2adb472576b3238e126f7a945a27b7febe4bae256e578310c36a982 | Triage

Resubmissions

22-11-2022 15:13

221122-sl31vagd72 6

22-11-2022 15:05

221122-sf5bqabf5y 5

Sharing

General

Target

PaymentReceipt.msg
Size

135KB
Sample

221122-sl31vagd72
MD5

190b2f2f4eb5361a9d88e313d2b4844e
SHA1

79ea96adc49c7fc4b2fdaba58a46416fa20fb003
SHA256

31a68ed6b2adb472576b3238e126f7a945a27b7febe4bae256e578310c36a982
SHA512

94e580bc30ac820f878a78b9111c4fead2682c03bf40d5d62a0960fe41b6c57b8053ef2a37499e6bafc4ba8e9ab7d4c57412525777a718fde4a28ef90d26f94c
SSDEEP

3072:2wMvQMvBkEqDCnukEntrMCoPDsaW+U0KWdt+saSZ/SU/p96NTXO0ni:2zvRJkEqDCnukEntrMCoPDswt+saSZ/c

Score

6^/10

microsoft collection phishing

Malware Config

Targets

- Target
  
  PaymentReceipt.msg
- Size
  
  135KB
- MD5
  
  190b2f2f4eb5361a9d88e313d2b4844e
- SHA1
  
  79ea96adc49c7fc4b2fdaba58a46416fa20fb003
- SHA256
  
  31a68ed6b2adb472576b3238e126f7a945a27b7febe4bae256e578310c36a982
- SHA512
  
  94e580bc30ac820f878a78b9111c4fead2682c03bf40d5d62a0960fe41b6c57b8053ef2a37499e6bafc4ba8e9ab7d4c57412525777a718fde4a28ef90d26f94c
- SSDEEP
  
  3072:2wMvQMvBkEqDCnukEntrMCoPDsaW+U0KWdt+saSZ/SU/p96NTXO0ni:2zvRJkEqDCnukEntrMCoPDswt+saSZ/c
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  ATT56422.html
- Size
  
  66KB
- MD5
  
  e901cb84ab92322beef1feb551067188
- SHA1
  
  5c9333a1660d3d6f94117eb1153b084641755298
- SHA256
  
  81dc994acdbb669272cc6d37e5cbfb1de6850f9844d41e5b478580494895afcd
- SHA512
  
  a3184269c6efd761166cab0bc944b454fcc5295027c913055f12c33fa46ce5ad85d0e48ee962aa94624a1a7310c3a8da86d3af8da9bdc2ad050606bcfe0ac04e
- SSDEEP
  
  1536:7v4i/7RHfUhPEqDCllukEntrMCoPDzI69W+U0KWgkbt+saSZ/SU/p96M4TptO0o:LkEqDCnukEntrMCoPDsaW+U0KWdt+saC
Score

5^/10

microsoft phishing
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

microsoftphishing