629492ea4b35b747ef147532e59f3b66d0cf7c76359dd0b28252d72f5c1ec850 | Triage

Sharing

General

Target

Play_VM-Now(Pta)CLQD.html
Size

1KB
Sample

240905-det22asgrd
MD5

3abc8b16460f4d27bf4d022bdfe9d48a
SHA1

7fd9ae2e988aa96d2e085a47a2466fd6c67ddd3a
SHA256

629492ea4b35b747ef147532e59f3b66d0cf7c76359dd0b28252d72f5c1ec850
SHA512

4b839e620d6f2fe4b916f3eacd4699cb527ded056f9c55b49c8fe51c341cf96ac8fc17996d642cecfc85c29beab4cf2d8598cc89e371be5c6cdda8553c09506f

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Play_VM-Now(Pta)CLQD.html
- Size
  
  1KB
- MD5
  
  3abc8b16460f4d27bf4d022bdfe9d48a
- SHA1
  
  7fd9ae2e988aa96d2e085a47a2466fd6c67ddd3a
- SHA256
  
  629492ea4b35b747ef147532e59f3b66d0cf7c76359dd0b28252d72f5c1ec850
- SHA512
  
  4b839e620d6f2fe4b916f3eacd4699cb527ded056f9c55b49c8fe51c341cf96ac8fc17996d642cecfc85c29beab4cf2d8598cc89e371be5c6cdda8553c09506f
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2