Overview

overview

6

Static

static

ffcfbe72-c...af.eml

windows7-x64

6

ffcfbe72-c...af.eml

windows10-2004-x64

3

email-html-1.html

windows7-x64

1

email-html-1.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Quarantined Messages.zip

  • Size

    12KB

  • Sample

    221123-ksq1vshe74

  • MD5

    b60a2721b413df1e953a3f449a5cfa8d

  • SHA1

    6f09408178844a121e2496d352ca5291d150511f

  • SHA256

    1d4e551be7e915d456c9f8330d8e063c9025664975430aa9de2df24727a04d5a

  • SHA512

    2194ca68a59334f3a52222a2fe9c793120aa044dbeae097458ce16b726ba76f2ab48fafdef1ed40f403dee1f124f41476ad729a0be2466ae46e308768f66f279

  • SSDEEP

    192:Wx3c1909upeRlGQQSW5yX+X7ynAPt6lkfcurGhXSuJrXiGK86VLB1K6ePK2tFCQ/:WEAuu6SW5YBnKrtmiuJC8S+tIQ/

Score
6/10
collection

Malware Config

Targets

    • Target

      ffcfbe72-cb97-4d57-2284-08dacd133a69/96bc5dc5-7f24-5cc9-7579-52f3ef64e6af.eml

    • Size

      28KB

    • MD5

      e80681ab4916a184f787ecef84c0e482

    • SHA1

      09f9d11484ee77a26a7fd8e7e2fd67f1ee5618e9

    • SHA256

      041185d640e745253b8777f31848f7d9986faa85042f525a7130ca364850d03c

    • SHA512

      a2809307f9e2c127f07576135a7262edbcb591325c1b3af55e033a0e434e70f5f9371b67a5f8325d066b0bc7275e64eb2489cc47c76715af6cc9eac4bbb5f4eb

    • SSDEEP

      768:jDaIi0q0QvTuU1ARRFRRRgvRF888888888888XVeyoOX:jDo30+SU1ARRFRRRgvRF88888888888A

    Score
    6/10
    collection

    • Accesses Microsoft Outlook profiles

      collection

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      email-html-1.txt

    • Size

      11KB

    • MD5

      74dbcddba470ca9ab869a3f59b858af2

    • SHA1

      d3177896e02ddf50759eabed9dfe415dfce1fe98

    • SHA256

      55c8f3f2453432c3ee288de39b8fa065f3cdc3d02227da90970b31dd1ff95783

    • SHA512

      7ec9f2ebc69c4ceeea62ff9def1d7e8447c33b9351423bc702835349124bc94f14f0b1f35ba6fd387d22690b6e0e382b36fd3429868ef1921fefd1b2b1e0c787

    • SSDEEP

      192:Y+qJ4DaE0tcUS2IaqosgQb3tBb3tBb3tBS3tBb3tBb3tBb3tBSU2pnaqosytBb3t:SJWD9US2IlosgQb3Hb3Hb3HS3Hb3Hb3P

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks