General

  • Target

    Pay Application Inv approval request.eml

  • Size

    49KB

  • Sample

    241123-cml6qavqgx

  • MD5

    e6c230521b307d41e2c52ac575b6be75

  • SHA1

    349d580bbadef1a3508573899cdb202d90dc3081

  • SHA256

    c7c52c4c82341556e2be4abbaecd834e01f06aa6918839b74963111a48f7106c

  • SHA512

    3945c0e482e0a399534e131139747d9de17abf37a3f5b175e9ed4502cf05fe8f04a53f3d5beba16e8a759bd46baf89d88933d34e7106ad29b2ad978286e7e874

  • SSDEEP

    768:SjIrigYkiIenL8UfBi1hZjwWEPb/HkpWxT5/6dX3/vStV99nCZUbTgr336Jcu:SjIXkAhhZ0HPb2XvYVL4Wl

Targets

    • Target

      attachment-1

    • Size

      254B

    • MD5

      164ff36a46f7143c44356eeaaf91b54d

    • SHA1

      279b4d088d36d697ac74bac5ec3d8827c550464a

    • SHA256

      dfbe03c7cfc32f54f6492ce61b1aad0f59cc304873dd7e51832db967adae5060

    • SHA512

      9b4b212ed167fb670bf715081d73436e7a33e9290aa56a09bdb481e095ad2203f3460b42e52f9efb97890aa819f25781f99c4cfbcced9d23c1cb99e0975a6aa7

    • A potential corporate email address has been identified in the URL: [email protected]

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Detected potential entity reuse from brand MICROSOFT.
