General

  • Target

    phish_alert_sp2_2.0.0.0 (31).eml

  • Size

    406KB

  • Sample

    241126-yx1yhsxnax

  • MD5

    5ad90453db830a4e9c7a30f5da529d42

  • SHA1

    0f9aa09aa8759d63e23db032a944a2723a2fd509

  • SHA256

    ee09723664ccafd695143ebed0da07399caceb5360e20859473389a586090e1c

  • SHA512

    3fa87ec9274f097399d932696441ae3253080a813a200bf61dcdaa17c8be1cdf1d5b3ee2c5b523366e030ce77a96825fdec1a219d16be132584e08e7af03a934

  • SSDEEP

    12288:FAf1F/gpKOfgdU+aIaqFkX+mq2+tWjkTN6q4:Iqpt+7kX+mQP6V

Malware Config

Targets

    • Target

      email-html-1.txt

    • Size

      3KB

    • MD5

      29af4f96ca4a06f04ea2fd0bbbf5eade

    • SHA1

      eda51de3601919cdbf664b6b24732a5c48920252

    • SHA256

      352ecceedaa79508655e37b5754d70ce6a62e53a99919ea2c6cb5089411d3894

    • SHA512

      21f4804cad9ac2d4093dbefa2608e507b6fc6c568ce15c080002246299a9390d879cf62357fd211b735baa33b77af145f4975e86436646256119286ab7bde994

    • A potential corporate email address has been identified in the URL: [email protected]

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Detected potential entity reuse from brand MICROSOFT.
