c809a194f34137549878aa40f1cbc02df4e26acfa0ad27012ff58b8dbdb0d786 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

_MG_9578.jpg

windows10-2004-x64

8

Sharing

General

Target

_MG_9578.JPG
Size

7.3MB
Sample

231029-ran7waga8w
MD5

171645120b71e758b238f1d48bbd9051
SHA1

01962344acfad235de82e6889dfd6deb9b6d3b8e
SHA256

c809a194f34137549878aa40f1cbc02df4e26acfa0ad27012ff58b8dbdb0d786
SHA512

dbc2ec28c462fb31cb3c171d015295071382e6a4d79ac1d1500f889b1bd36a40f656bd4553a9dbb2a81e97aafbc03664bf59a01e2c0adf46d918eedb41366786
SSDEEP

196608:OgZO39s5LtYiw2HD2WNkFUBmU0Y70AK2LoMiTy:OgZ1NtYiwS2WNkCBmU0YzK2p3

Score

8^/10

microsoft discovery phishing upx

Static task

static1

Behavioral task

behavioral1

Sample

_MG_9578.jpg

Resource

win10v2004-20231023-en

microsoft discovery phishing upx

windows10-2004-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  _MG_9578.JPG
- Size
  
  7.3MB
- MD5
  
  171645120b71e758b238f1d48bbd9051
- SHA1
  
  01962344acfad235de82e6889dfd6deb9b6d3b8e
- SHA256
  
  c809a194f34137549878aa40f1cbc02df4e26acfa0ad27012ff58b8dbdb0d786
- SHA512
  
  dbc2ec28c462fb31cb3c171d015295071382e6a4d79ac1d1500f889b1bd36a40f656bd4553a9dbb2a81e97aafbc03664bf59a01e2c0adf46d918eedb41366786
- SSDEEP
  
  196608:OgZO39s5LtYiw2HD2WNkFUBmU0Y70AK2LoMiTy:OgZ1NtYiwS2WNkCBmU0YzK2p3
Score

8^/10

microsoft discovery phishing upx
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

microsoftdiscoveryphishingupx

© 2018-2024

Terms | Privacy