3f43257a362c9be5875ab171603766400c0dad5eaa48bbe70b6de3dfc8bd613d | Triage

Sharing

General

Target

a1s-root6=email_banfield_2024_12_12_18_API-4Y8LGw4pXVzKtYpq-2024-12-12T18_15_04.eml.infected
Size

34KB
Sample

241212-ye55hsxlel
MD5

8a661d61670b8c128c99e7b9d79508f3
SHA1

0a87eac05c4cef82ae5b9ad24a3037066f4b0454
SHA256

3f43257a362c9be5875ab171603766400c0dad5eaa48bbe70b6de3dfc8bd613d
SHA512

5dc3e9477566587401349462a5aea281c1cfbdfb91b0711269b7046148754219b488ea8a8ee3a84daed8268e1bb056f13b4ab71d28b0b110074672fc270ceff5
SSDEEP

768:ek4lJ23HkdbhFl9JyxhD3jaup3rdhbaY8LTMrns7JROFetnvJ:ek4lJ23HkdbhFl9JyxhTCY8ys7Jzxx

Score

7^/10

microsoft discovery phishing

Malware Config

Targets

- Target
  
  a1s-root6=email_banfield_2024_12_12_18_API-4Y8LGw4pXVzKtYpq-2024-12-12T18_15_04.eml.infected
- Size
  
  34KB
- MD5
  
  8a661d61670b8c128c99e7b9d79508f3
- SHA1
  
  0a87eac05c4cef82ae5b9ad24a3037066f4b0454
- SHA256
  
  3f43257a362c9be5875ab171603766400c0dad5eaa48bbe70b6de3dfc8bd613d
- SHA512
  
  5dc3e9477566587401349462a5aea281c1cfbdfb91b0711269b7046148754219b488ea8a8ee3a84daed8268e1bb056f13b4ab71d28b0b110074672fc270ceff5
- SSDEEP
  
  768:ek4lJ23HkdbhFl9JyxhD3jaup3rdhbaY8LTMrns7JROFetnvJ:ek4lJ23HkdbhFl9JyxhTCY8ys7Jzxx
Score

3^/10

discovery
behavioral1
- Target
  
  attachment-2
- Size
  
  28KB
- MD5
  
  ffbdd02f8b20dbadc5e387311f64ad98
- SHA1
  
  75c30b3761403aecdff33ad7c3cae52fd0783707
- SHA256
  
  4ec589091e7df11daa50f5ffafb7ac1348b025796034adf8240b4bc76b4e3d95
- SHA512
  
  56ba9b4399120e5414fca397bd3d06061bf405193b2800ce25f4d48e851f9f20095bd933284f07936471bf02445b17ff58e62980007da1b50645037aeadaa9ad
- SSDEEP
  
  768:YhFl9JyxhD3jaup3rdhbaY8LTMrns7JROFetnvF:YhFl9JyxhTCY8ys7Jzx9
Score

3^/10
behavioral2
- Target
  
  attachment-1
- Size
  
  4KB
- MD5
  
  5afdfeec2d5d3629827ec111471e74bf
- SHA1
  
  5f7363a45e6a61fefc517a4e3950844c1206cb71
- SHA256
  
  1af239c9e8c8647c4af4177525c3fb4f2cffbb13eb5187e5e0a7208a6c70cfbd
- SHA512
  
  cecc1eaf4113e99e6f7e760602c373bc7f1eddd4f878b3f2a88b3b5d4549d1a6a32ef3beaa257329a6b5f09fbb57d11038b026ca934274c638fb5c83858a6bd7
- SSDEEP
  
  96:snt32s97liOCmyHPrC6yVWdiJ7mcYbYwuYHkfGm+cW/lI5sdh332lYVHjcPpt4lO:4xPliOCVvyWdQmch38kfGm+tlI5sddGr
Score

7^/10

microsoft discovery phishing
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Detected potential entity reuse from brand MICROSOFT.
  phishing microsoft
behavioral3
- Target
  
  email-plain-1.txt
- Size
  
  209B
- MD5
  
  29eecf9b409d2d9167046a68ea39541f
- SHA1
  
  2793368d2daded388c400dde54a21ff6991465f5
- SHA256
  
  cb589ddc6c7fabe6cf0d5695d03da0f0368210e559badce9cac789bc41f1483c
- SHA512
  
  6e1d9cc79bb8dd63187ca97f8cffb2e5f5b5670b8f994108520b67d1521cacc8f4267176c76caaa161502751b53f9ddd45ca745bb0efb8fea081777465a568b9
Score

1^/10
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

microsoftdiscoveryphishing

behavioral4