Resubmissions

09/11/2024, 20:27

241109-y8tnksvjak 7

09/11/2024, 20:11

241109-yye3fa1fjh 7

General

  • Target

    inbox.png

  • Size

    380KB

  • Sample

    241109-yye3fa1fjh

  • MD5

    ac6b3da921d65420f87bfe834a0af4af

  • SHA1

    e626e96e876c3efca77c5d20d45d2688343f4e1c

  • SHA256

    27410bc7be14c47eb58679632c4f683dcd90814191ad030fd254e4ff96646523

  • SHA512

    1ffac797295123cfa93ff22677eeaaea9994dc07b0070c5b3012c96a918a60230190fd2419b780073a5a312065d9af1ed573ce10c27bb3abd61c7925425e37db

  • SSDEEP

    6144:Jxfkm9zdfezpYigNE5pk7znts/imEDWUuENSdn9qoA12/oMs5WqKZV5bbDjTQBRb:JxfrJ9e+TGk7zZi4NqUBAFD53/8BRiBu

Score
7/10

Malware Config

Targets

    • Target

      inbox.png

    • Size

      380KB

    • MD5

      ac6b3da921d65420f87bfe834a0af4af

    • SHA1

      e626e96e876c3efca77c5d20d45d2688343f4e1c

    • SHA256

      27410bc7be14c47eb58679632c4f683dcd90814191ad030fd254e4ff96646523

    • SHA512

      1ffac797295123cfa93ff22677eeaaea9994dc07b0070c5b3012c96a918a60230190fd2419b780073a5a312065d9af1ed573ce10c27bb3abd61c7925425e37db

    • SSDEEP

      6144:Jxfkm9zdfezpYigNE5pk7znts/imEDWUuENSdn9qoA12/oMs5WqKZV5bbDjTQBRb:JxfrJ9e+TGk7zZi4NqUBAFD53/8BRiBu

    Score
    7/10
    • A potential corporate email address has been identified in the URL: httpswww.youtube.com@Omnidevcbrd1

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Network Share Discovery

      Attempt to gather information on host network.

MITRE ATT&CK Enterprise v15

Tasks