50c3e40c19a5a61cffd885b590d961bc8be69412c772ddbb14d6bd3328281949 | Triage

Submit
Reports

Overview

overview

Static

static

1

Mentor-Tan...4.html

windows7-x64

3

Mentor-Tan...4.html

windows10-2004-x64

Sharing

General

Target

Mentor-Tanner-Tools-2019-Free-479524.html
Size

31KB
Sample

241023-s7lzfszfjj
MD5

66beafd8a01b95b56969ad330ff5c9aa
SHA1

ef5b3ce2bc1fcc9909f071a796bee5f862a69172
SHA256

50c3e40c19a5a61cffd885b590d961bc8be69412c772ddbb14d6bd3328281949
SHA512

375b5829d8d8d4c69f8582e7e4bb9a9baaef810a771c214971d00adfd52d838c5ea9c1f251ef13b43c5bc141022765aaa590822e9ef3e19ee9180a30d26e274a
SSDEEP

384:+kSuhDEnNWjLcc2ue9yHUqDDUTbV6dqReyjTDXTKeaDQmGEFl8R07bZ+hNQud7yB:SD+a15RMiKte/Oig/Z2EZ

Score

10^/10

google defense_evasion discovery persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

Mentor-Tanner-Tools-2019-Free-479524.html

Resource

win7-20241010-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

Mentor-Tanner-Tools-2019-Free-479524.html

Resource

win10v2004-20241007-en

google defense_evasion discovery persistence phishing

windows10-2004-x64

25 signatures

150 seconds

Malware Config

Targets

- Target
  
  Mentor-Tanner-Tools-2019-Free-479524.html
- Size
  
  31KB
- MD5
  
  66beafd8a01b95b56969ad330ff5c9aa
- SHA1
  
  ef5b3ce2bc1fcc9909f071a796bee5f862a69172
- SHA256
  
  50c3e40c19a5a61cffd885b590d961bc8be69412c772ddbb14d6bd3328281949
- SHA512
  
  375b5829d8d8d4c69f8582e7e4bb9a9baaef810a771c214971d00adfd52d838c5ea9c1f251ef13b43c5bc141022765aaa590822e9ef3e19ee9180a30d26e274a
- SSDEEP
  
  384:+kSuhDEnNWjLcc2ue9yHUqDDUTbV6dqReyjTDXTKeaDQmGEFl8R07bZ+hNQud7yB:SD+a15RMiKte/Oig/Z2EZ
Score

10^/10

discovery google defense_evasion persistence phishing
- Detected google phishing page
  phishing google
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

File and Directory Permissions Modification

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

googledefense_evasiondiscoverypersistencephishing

© 2018-2024

Terms | Privacy