a8bc9a4c9133c21962a6abd9b0bade6ee609df84c0e69c957d6a1b3ff2fcb49e | Triage

Resubmissions

09-11-2024 00:07

241109-aee2bsshjj 8

Sharing

General

Target

92a8cc4e385f170db300de8d423686eeeec72a32475a9356d967bee9e3453138.zip
Size

23KB
Sample

241109-aee2bsshjj
MD5

099bdd2f0eda8aa0584bb94672318244
SHA1

840e2cdd802971d462d709133b42bc5c567a70ae
SHA256

a8bc9a4c9133c21962a6abd9b0bade6ee609df84c0e69c957d6a1b3ff2fcb49e
SHA512

ff5d68d73983561708f29e8427a56e2319efd3ed318e4aac24ba442e25d0fa431a9415b2441c367521500b56799b0cf9d960fc2158b8e4777997c4cf3d1963aa
SSDEEP

384:qQgUT3LgKpDq4xq1B/mk4z/OoJBqWBwtUtbUOa12M9353T5fBd/w8h:qQvT3BpDkB/mkARqwwtU1aMMHj5fBtwo

Score

8^/10

google discovery dropper phishing

Malware Config

Targets

- Target
  
  92a8cc4e385f170db300de8d423686eeeec72a32475a9356d967bee9e3453138.vbs
- Size
  
  74KB
- MD5
  
  acfba6ff2e80e0ebc80df9e7d326337c
- SHA1
  
  fe28d5756815fdac31a744a2f11c075f5b1892bc
- SHA256
  
  92a8cc4e385f170db300de8d423686eeeec72a32475a9356d967bee9e3453138
- SHA512
  
  2dcea669b4b3135bca6eba88542948188e25fb040db0a83bac03957b1fd59037998e7bb4a38774115ca051f07cbeacf99fd95113321e6c8fae4568a2e4e30f00
- SSDEEP
  
  768:BfaGWSO85ALmEcHUfkJ7Bate4LV1VZ6Y3PaNNHpXKMcpgUj:gGZALNcH77BajLbf61NR1pcbj
Score

8^/10

google discovery dropper phishing
- Blocklisted process makes network request
- Download via BitsAdmin
  dropper
- Detected potential entity reuse from brand GOOGLE.
  phishing google
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

googlediscoverydropperphishing

behavioral2

googlediscoveryphishing