Overview

overview

6

Static

static

phish_aler....0.eml

windows7-x64

6

phish_aler....0.eml

windows10-2004-x64

3

email-html-1.txt

windows7-x64

1

email-html-1.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    phish_alert_sp2_2.0.0.0.eml

  • Size

    17KB

  • Sample

    221129-ztnz8aag8s

  • MD5

    469c6b98ec729223748113a6387cdfc1

  • SHA1

    fd7c68a0b5b998cd997c82af446f1fd40d988363

  • SHA256

    3af37283ec9f9aa34d3dc202e5e21e57e44dcf5cd76d17da0238d23c31a3c29c

  • SHA512

    3aa9cae41b051fb8d51c37e6de7649e038df7c9c934737a7de3437258594971a424a2680d18bf9f838d0a83c911b62cbade9a296f84a4971b9cfd6823f7e2557

  • SSDEEP

    192:C1sfTiq/1TXEjHRRS1j+z4aQfTSKeqG3BtaFPeBJEEbUFwaKRD/dsWsdsSIXILgN:3EjxW9fXyBYkEmUFwzvXegFs/+Czi5z

Score
6/10
collection

Malware Config

Targets

    • Target

      phish_alert_sp2_2.0.0.0.eml

    • Size

      17KB

    • MD5

      469c6b98ec729223748113a6387cdfc1

    • SHA1

      fd7c68a0b5b998cd997c82af446f1fd40d988363

    • SHA256

      3af37283ec9f9aa34d3dc202e5e21e57e44dcf5cd76d17da0238d23c31a3c29c

    • SHA512

      3aa9cae41b051fb8d51c37e6de7649e038df7c9c934737a7de3437258594971a424a2680d18bf9f838d0a83c911b62cbade9a296f84a4971b9cfd6823f7e2557

    • SSDEEP

      192:C1sfTiq/1TXEjHRRS1j+z4aQfTSKeqG3BtaFPeBJEEbUFwaKRD/dsWsdsSIXILgN:3EjxW9fXyBYkEmUFwzvXegFs/+Czi5z

    Score
    6/10
    collection

    • Accesses Microsoft Outlook profiles

      collection

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      email-html-1.txt

    • Size

      7KB

    • MD5

      e41c8c282b9acaeae5eff067491e865f

    • SHA1

      9a2fe4fbe17a23b9d2db4797dcd0e33c69635637

    • SHA256

      41b5f76079f544defba1caeade27d08ac504b6ff38ae234efbf99980d3ac882b

    • SHA512

      d0a1b41c0cf106660f4646dd1ac6c14febda96ecbf9b0082207cca1b0fdeba96479da8c9c81324196da302004ef3573d7f472f7dc7ff0e9f5ba70da1b890e3e0

    • SSDEEP

      96:7Il9BtzvH1HbGeSKyKIcSJFWd8pv+Iinn134xZ0fVi20L9Vdy4ZNLOti4WDgYs+T:7I5t5/SKPTuvY1IxZscfXi8DgY8yV

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks