General

  • Target

    sample

  • Size

    357KB

  • Sample

    241116-bneycswhqb

  • MD5

    2ba57cd99712bd80a801abb8fd5cdaad

  • SHA1

    a6ded0e51ce51afcfc06dda1fc0b07fffdfd9e61

  • SHA256

    e3ee3bac62c452976df966af291f416113cc44110d218c368a4891c4fbae7d38

  • SHA512

    f391a27cbc1701a6b2a35862135a29143c46d86c246ed8ea57d1b1a17e9c48825367c48c2b4a620e3da715755e13da66ababf533963cea14e88428fce119d7ea

  • SSDEEP

    3072:sPe0nFs9tfoDF98tsGlKpje60I450/dhheV3fj5V3fjbIVIjoxPr:90nC9tfo598Cpje60I45EdhhIIVIePr

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Network Share Discovery

      Attempts to gather information on the host network.

    • Detected potential entity reuse from brand MICROSOFT.
