42634068796ae44f472cb46f2f5a2efa57b8fb1dc812db822dcd9f667a9c5d6e | Triage

Submit
Reports

Overview

overview

6

Static

static

1

Customer I...8.html

windows10-1703-x64

6

Sharing

Copy URL Twitter E-mail

General

Target

Customer Invoice - VANCOUVER AUTO LIQUIDATION CENTER LTD - VAQ28.html
Size

1.1MB
Sample

230418-lwzmvaaf99
MD5

d208c48729e45d010a0a8d6f4a42a676
SHA1

ce9e46c7a711c9edb4529ebaa35cecc84daadeb1
SHA256

42634068796ae44f472cb46f2f5a2efa57b8fb1dc812db822dcd9f667a9c5d6e
SHA512

1332536f44602fb5a5810c482aadd90f3d6ad8a5bc5914af8183ee876ec025d24907f613c00b5a66fef80c30f474b876387adc6993aa8f499a83f28a503c1f08
SSDEEP

24576:jt+JCmQ+eJyNvrbDRoQbkzkIfkIlF6rFbrIaoybV:jiCmQc1r5oybV

Score

6^/10

Static task

static1

Behavioral task

behavioral1

Sample

Customer Invoice - VANCOUVER AUTO LIQUIDATION CENTER LTD - VAQ28.html

Resource

win10-20230220-en

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Customer Invoice - VANCOUVER AUTO LIQUIDATION CENTER LTD - VAQ28.html
- Size
  
  1.1MB
- MD5
  
  d208c48729e45d010a0a8d6f4a42a676
- SHA1
  
  ce9e46c7a711c9edb4529ebaa35cecc84daadeb1
- SHA256
  
  42634068796ae44f472cb46f2f5a2efa57b8fb1dc812db822dcd9f667a9c5d6e
- SHA512
  
  1332536f44602fb5a5810c482aadd90f3d6ad8a5bc5914af8183ee876ec025d24907f613c00b5a66fef80c30f474b876387adc6993aa8f499a83f28a503c1f08
- SSDEEP
  
  24576:jt+JCmQ+eJyNvrbDRoQbkzkIfkIlF6rFbrIaoybV:jiCmQc1r5oybV
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy