Overview
overview
5Static
static
4External ...18.eml
windows7-x64
5External ...18.eml
windows10-2004-x64
3FZDVFGZE.jpg
windows7-x64
3FZDVFGZE.jpg
windows10-2004-x64
3RingCentra...il.pdf
windows7-x64
1RingCentra...il.pdf
windows10-2004-x64
1email-html-2.html
windows7-x64
1email-html-2.html
windows10-2004-x64
1email-plain-1.txt
windows7-x64
1email-plain-1.txt
windows10-2004-x64
1Analysis
-
max time kernel
94s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-06-2024 11:31
Behavioral task
behavioral1
Sample
External A New Audio VN available from Matthew _2112779118.eml
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
External A New Audio VN available from Matthew _2112779118.eml
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
FZDVFGZE.jpg
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
FZDVFGZE.jpg
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
RingCentral_e-Voicemail.pdf
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
RingCentral_e-Voicemail.pdf
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
email-html-2.html
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
email-html-2.html
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
email-plain-1.txt
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
email-plain-1.txt
Resource
win10v2004-20240611-en
General
-
Target
RingCentral_e-Voicemail.pdf
-
Size
72KB
-
MD5
17f7d8c5859e45b196a0c6728a3e45cf
-
SHA1
4c6cc2c9c0762494922ce0da4884953a861cee50
-
SHA256
0a99dcb4d6465d22a857396d0de737b2780a900bcea8992386b801cf2076e0ef
-
SHA512
b1ff36bca94c7a9aef2473db5890198b6effd06b91b19b5eec7cc21fff1ac0e3ec2925ff7fdbd762fee1186412faaabd03ed00a1b92b3a7992d27b2ed18c0770
-
SSDEEP
1536:kONCqgprCVh2yoWbv2wt9VUJsi6lgDxQIoBY2jKSBcQeP:kOcLpiRn2wCJGSNpoBYKK6cNP
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 1912 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 1912 AcroRd32.exe 1912 AcroRd32.exe 1912 AcroRd32.exe 1912 AcroRd32.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD579e008b653b041e622b40dba7ebdb6c8
SHA195a680ce4aa634eaa7a88ffcda38fb9c68bea490
SHA25691c550ed494ca78f44838ae11f2f6eb73803e26746afd258cb84c602aeaef5a6
SHA512642da0cd9e9ebfa1ec6085a5c3d2d52903c1be927e026a489c4fcdbfbc205b1867dac568fba601af27d02b27c1d5bcc5c0fcf766acab4d52f24686d633119428