General

  • Target

    ben ben ben.png

  • Size

    395KB

  • Sample

    241201-cx13maykaq

  • MD5

    2b7fb6e3e6de328ce6d98eb9385d6e1a

  • SHA1

    fffbbfda1814f7373215e934dcd1a3f59ebda807

  • SHA256

    519ac602f962040370c842d554a4b43e6405dc6744d60d6bb7756dce12c7f2a1

  • SHA512

    4d67856ea191579884477671a2cf4e6aba47e597a6c908e177b627428505d5c69aff1bc5e0dde28841368fe9cee01c5114b9f580b91ae3715f5231a2764aed54

  • SSDEEP

    12288:Hks9tzqU3Pv7TuW638E0R6UzTLQGlJBaonR+7tkC:HksTVPvL638E08YTLZz1stkC

Targets

    • Downloads MZ/PE file

    • A potential corporate email address has been identified in the URL: [email protected]

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand MICROSOFT.
