e9872a1f5f2b7c2c83d75d42ff8726b1eccc491f2c6667f04a1263f2062edf2d | Triage

Submit
Reports

Overview

overview

7

Static

static

1

skin_5368e...5d.png

windows10-ltsc 2021-x64

7

Sharing

General

Target

skin_5368efbd1506a7b442207c403d655d5d.png
Size

1KB
Sample

241120-3ytytawmbx
MD5

afe454e4b0f73fe6f278c0cf7e6df5d6
SHA1

52b76b26974c48fe37e7b60120549d826065b4fe
SHA256

e9872a1f5f2b7c2c83d75d42ff8726b1eccc491f2c6667f04a1263f2062edf2d
SHA512

0c55a3eb831a39a5bd574f048a335b5107e233445d5c0d57e07407398b41baa92b102bc02357f19df930d6b748b8f19c4dd72807c5946a286d36e41768a56b06

Score

7^/10

discovery motw phishing

Static task

static1

Behavioral task

behavioral1

Sample

skin_5368efbd1506a7b442207c403d655d5d.png

Resource

win10ltsc2021-20241023-en

discovery motw phishing

windows10-ltsc 2021-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  skin_5368efbd1506a7b442207c403d655d5d.png
- Size
  
  1KB
- MD5
  
  afe454e4b0f73fe6f278c0cf7e6df5d6
- SHA1
  
  52b76b26974c48fe37e7b60120549d826065b4fe
- SHA256
  
  e9872a1f5f2b7c2c83d75d42ff8726b1eccc491f2c6667f04a1263f2062edf2d
- SHA512
  
  0c55a3eb831a39a5bd574f048a335b5107e233445d5c0d57e07407398b41baa92b102bc02357f19df930d6b748b8f19c4dd72807c5946a286d36e41768a56b06
Score

7^/10

discovery motw phishing
- A potential corporate email address has been identified in the URL: =@L
  phishing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverymotwphishing

© 2018-2024

Terms | Privacy