General
-
Target
https://www.google.com
-
Sample
241203-yz3j5asjgx
Score
7/10
Malware Config
Targets
-
-
Target
https://www.google.com
Score7/10-
A potential corporate email address has been identified in the URL: 28280C0F53DB09900A490D45@AdobeOrg
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Mark of the Web detected: This indicates that the page was originally saved or cloned.
-
Network Share Discovery
Attempt to gather information on host network.
-
Probable phishing domain
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1