6b10d39289d722281981e4ce0c600ed89dc282ebae8f26a4d86601d0b59d68c7 | Triage

Resubmissions

20-11-2024 18:20

241120-wytvgszgqg 6

20-11-2024 18:16

241120-wwsvea1jh1 7

Sharing

General

Target

sample
Size

18KB
Sample

241120-wwsvea1jh1
MD5

c9f8d37c6bb95a60d07752e635567f41
SHA1

bd556719c7a0071c1b044b7de86b9c5ccc341b88
SHA256

6b10d39289d722281981e4ce0c600ed89dc282ebae8f26a4d86601d0b59d68c7
SHA512

b287525e3d3119f326bd99da4bab601755e9a74bf41ab7fc78483f5b4ac079248f9162c32d854839ec87193e12f983cdcb87c1664bc22b3b4fe30bdcb370dc87
SSDEEP

384:g/QaC1ocy4n4lbGaUMvhpNA5epMTRlObz6r0sZjL2f61xCejiw:gM1ocy44EanJpNQe7bz6r0sZjLUMxPiw

Score

7^/10

discovery motw phishing

Malware Config

Targets

- Target
  
  sample
- Size
  
  18KB
- MD5
  
  c9f8d37c6bb95a60d07752e635567f41
- SHA1
  
  bd556719c7a0071c1b044b7de86b9c5ccc341b88
- SHA256
  
  6b10d39289d722281981e4ce0c600ed89dc282ebae8f26a4d86601d0b59d68c7
- SHA512
  
  b287525e3d3119f326bd99da4bab601755e9a74bf41ab7fc78483f5b4ac079248f9162c32d854839ec87193e12f983cdcb87c1664bc22b3b4fe30bdcb370dc87
- SSDEEP
  
  384:g/QaC1ocy4n4lbGaUMvhpNA5epMTRlObz6r0sZjL2f61xCejiw:gM1ocy44EanJpNQe7bz6r0sZjLUMxPiw
Score

7^/10

discovery motw phishing
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverymotwphishing