Overview

overview

6

Static

static

RRRRRRR.eml

windows10-1703-x64

3

RRRRRRR.eml

windows7-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RRRRRRR.mhtml

  • Size

    1016KB

  • Sample

    221128-nydt9sbc66

  • MD5

    b7260051b04d2d09fb386829a6863aa0

  • SHA1

    a51208f29ab322113c367f5f3a37dd8107e2b160

  • SHA256

    fcc08d30a2cec28522c62be3157c575495cc304ae4e265a342ee2f19ff75b766

  • SHA512

    31af0533c5e0188974292f43d77eb40bc1fae1b5addc6ebd0f53f883ff9c9705c1c11e59ae8381d50ca37a4eac5239b3c6017b4d2ac1a65a8119f6e7ba50556a

  • SSDEEP

    12288:gWjBqcJxZTDVLf9GCzJxXzaxBycW/NCfedctqfDxsw:ZzJxXzaxhqcedpiw

Score
6/10
collection

Malware Config

Targets

    • Target

      RRRRRRR.mhtml

    • Size

      1016KB

    • MD5

      b7260051b04d2d09fb386829a6863aa0

    • SHA1

      a51208f29ab322113c367f5f3a37dd8107e2b160

    • SHA256

      fcc08d30a2cec28522c62be3157c575495cc304ae4e265a342ee2f19ff75b766

    • SHA512

      31af0533c5e0188974292f43d77eb40bc1fae1b5addc6ebd0f53f883ff9c9705c1c11e59ae8381d50ca37a4eac5239b3c6017b4d2ac1a65a8119f6e7ba50556a

    • SSDEEP

      12288:gWjBqcJxZTDVLf9GCzJxXzaxBycW/NCfedctqfDxsw:ZzJxXzaxhqcedpiw

    Score
    6/10
    collection

    • Accesses Microsoft Outlook profiles

      collection

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks