Overview

overview

1

Static

static

1

login.php?...2.html

windows7-x64

1

login.php?...2.html

windows10-2004-x64

1

User tags

Assigned on submission by the user, not by sandbox detections.

Threatview.io Proactive Hunter

Sharing

Copy URL
Twitter E-mail

General

  • Target

    login.php?skip_api_login=1&api_key=966242223397117&signed_next=1&next=https:%2F%2Fwww.facebook.com%2Fsharer.php?u=https%3A%2F%2Fdetection.fyi%2Fsigmahq%2Fsigma%2Fwindows%2Fprocess_creation%2Fproc_creation_win_explorer_lolbin_execution%2.1

  • Size

    43KB

  • Sample

    240406-fa11wsag2x

  • MD5

    b2e14f5d9e523d6371eeb3523ea678b1

  • SHA1

    279f23cb03d92c75d20e83a46c399f097c24a24e

  • SHA256

    710bffd2fb503ed13b13d0794c03d296ca1980a1fae1b644feb73c295e2b83f4

  • SHA512

    4aae039e93e1f28ac5f0a3310eac581a01c4b25e1835988c2c059c554841304a8a9e4deb49a5c7ce2620b0d5fd7c9c9e86b3fdd725ab068350c26b5f084d853c

  • SSDEEP

    768:LViPsMnVzWN1ZGl7toI13+xDqO3mkHl9NwFOHtxt8R8xToleB0ptGu1CwNTeK:hiPsMnVmZ27+I13+xDhmkzNwFOHtxt8l

Score
1/10

Malware Config

Targets

    • Target

      login.php?skip_api_login=1&api_key=966242223397117&signed_next=1&next=https:%2F%2Fwww.facebook.com%2Fsharer.php?u=https%3A%2F%2Fdetection.fyi%2Fsigmahq%2Fsigma%2Fwindows%2Fprocess_creation%2Fproc_creation_win_explorer_lolbin_execution%2.1

    • Size

      43KB

    • MD5

      b2e14f5d9e523d6371eeb3523ea678b1

    • SHA1

      279f23cb03d92c75d20e83a46c399f097c24a24e

    • SHA256

      710bffd2fb503ed13b13d0794c03d296ca1980a1fae1b644feb73c295e2b83f4

    • SHA512

      4aae039e93e1f28ac5f0a3310eac581a01c4b25e1835988c2c059c554841304a8a9e4deb49a5c7ce2620b0d5fd7c9c9e86b3fdd725ab068350c26b5f084d853c

    • SSDEEP

      768:LViPsMnVzWN1ZGl7toI13+xDqO3mkHl9NwFOHtxt8R8xToleB0ptGu1CwNTeK:hiPsMnVmZ27+I13+xDhmkzNwFOHtxt8l

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks