23835d53eae0e8d10d81d6d5718a18b346fb3358adaec23f028daa6d1b41c515 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

28090-feti...d.html

windows7-x64

3

28090-feti...d.html

windows10-2004-x64

7

Sharing

General

Target

28090-fetish-locator-week-two-free-download.html
Size

37KB
Sample

240802-1btcnawblg
MD5

a792149c9ede049def8aa98a7feae3c9
SHA1

3be2dfa24f829c5e4fe813f71e4dd543d13f6cf5
SHA256

23835d53eae0e8d10d81d6d5718a18b346fb3358adaec23f028daa6d1b41c515
SHA512

4c6a1b563f851001f9a8104bad60e5af8c3f3803f22abdd8d386e1c5b1ceead2da642f2ec8cdeb6fe59c3a45d78c0408dde1fd43da0a4e9983cd0adc55d8a576
SSDEEP

384:RyLfr5yp0rRuhIz0FJ3RY2GQCIkD4xrSxRvCxeGY/UwKxHzN05frtWnZg2S8+n5M:Rqj+zN0FrtWnZIYuZojV

Score

7^/10

discovery motw phishing

Static task

static1

Behavioral task

behavioral1

Sample

28090-fetish-locator-week-two-free-download.html

Resource

win7-20240729-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

28090-fetish-locator-week-two-free-download.html

Resource

win10v2004-20240802-en

discovery motw phishing

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  28090-fetish-locator-week-two-free-download.html
- Size
  
  37KB
- MD5
  
  a792149c9ede049def8aa98a7feae3c9
- SHA1
  
  3be2dfa24f829c5e4fe813f71e4dd543d13f6cf5
- SHA256
  
  23835d53eae0e8d10d81d6d5718a18b346fb3358adaec23f028daa6d1b41c515
- SHA512
  
  4c6a1b563f851001f9a8104bad60e5af8c3f3803f22abdd8d386e1c5b1ceead2da642f2ec8cdeb6fe59c3a45d78c0408dde1fd43da0a4e9983cd0adc55d8a576
- SSDEEP
  
  384:RyLfr5yp0rRuhIz0FJ3RY2GQCIkD4xrSxRvCxeGY/UwKxHzN05frtWnZg2S8+n5M:Rqj+zN0FrtWnZIYuZojV
Score

7^/10

discovery motw phishing
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverymotwphishing

© 2018-2025

Terms | Privacy