General

  • Target

    .

  • Size

    520KB

  • Sample

    241121-wxwyfsvkcv

  • MD5

    98f65230a00dbd6bf529f3e1e0c902e0

  • SHA1

    325f4af94fe7e9fa727ca112ecbf716095ca5634

  • SHA256

    f1573869b1a63009096aaaf41be1b56d3c86589ab27678f97aea90674dea1519

  • SHA512

    979a386ca73a7d94b6a1970894f1f540bb043a6e69a0d5144995516da1afcd7c4bedc2747fe2b18515578cf124319a3718ebe85291ad6909dedee1139121a3ee

  • SSDEEP

    6144:AsFdmOBmO9mOcmOhmOomOAmOkmOZmOvmOXRhk:AKmym4mxmamRmdmnmKmmmMhk

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand STEAM.

MITRE ATT&CK Enterprise v15

Tasks