hxxp://miniroyale[.]io | Triage

Submit
Reports

Overview

overview

8

Static

static

1

URLScan

urlscan

1

http://miniroyale.io

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

http://miniroyale.io
Sample

230612-px8hxscc53

Score

8^/10

google persistence phishing

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

http://miniroyale.io

Resource

win10v2004-20230220-en

google persistence phishing

windows10-2004-x64

26 signatures

150 seconds

Malware Config

Targets

- Target
  
  http://miniroyale.io
Score

8^/10

google persistence phishing
- Downloads MZ/PE file
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
- Detected potential entity reuse from brand google.
  phishing google
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

googlepersistencephishing

© 2018-2025

Terms | Privacy