Resubmissions

20/11/2024, 04:02

241120-el8dnszqbt 7

20/11/2024, 03:59

241120-ekb9vavpdp 8

General

  • Target

    1305607172931190804

  • Size

    5KB

  • Sample

    241120-ekb9vavpdp

  • MD5

    5d094669027e56e50927895fc8d7af02

  • SHA1

    d46e4ea3964fb70cdc1dc144877de3f650efcc4b

  • SHA256

    1af963890a94b022cb3b0fd2276387cf9df618ff4e07f971fa11035325afffc2

  • SHA512

    e69088b84ddca4bc9196c8fb973b2a3a65ee10142ebf2a317d8e907cb043e248d7193ac9baa25d177b9e4b459a3d7f0a16ba6a1121e381586a637d0641c53288

  • SSDEEP

    96:yUpHE+OfRrcLHLTMRe5mvtgCsXe5oEce0zxzhAnx/IJ:ycHEfRrcb3foVNb0zx1Anx/0

Targets

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.
