Overview

overview

7

Static

static

1

attachment-1.html

windows7-x64

7

attachment-1.html

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1s-root6=email_banfield_2024_12_12_18_API-4Y8LGw4pXVzKtYpq-2024-12-12T18_15_04.eml.infected

  • Size

    34KB

  • Sample

    241212-yecszaxlck

  • MD5

    8a661d61670b8c128c99e7b9d79508f3

  • SHA1

    0a87eac05c4cef82ae5b9ad24a3037066f4b0454

  • SHA256

    3f43257a362c9be5875ab171603766400c0dad5eaa48bbe70b6de3dfc8bd613d

  • SHA512

    5dc3e9477566587401349462a5aea281c1cfbdfb91b0711269b7046148754219b488ea8a8ee3a84daed8268e1bb056f13b4ab71d28b0b110074672fc270ceff5

  • SSDEEP

    768:ek4lJ23HkdbhFl9JyxhD3jaup3rdhbaY8LTMrns7JROFetnvJ:ek4lJ23HkdbhFl9JyxhTCY8ys7Jzxx

Score
7/10
microsoftdiscoveryphishing

Malware Config

Targets

    • Target

      attachment-1

    • Size

      4KB

    • MD5

      5afdfeec2d5d3629827ec111471e74bf

    • SHA1

      5f7363a45e6a61fefc517a4e3950844c1206cb71

    • SHA256

      1af239c9e8c8647c4af4177525c3fb4f2cffbb13eb5187e5e0a7208a6c70cfbd

    • SHA512

      cecc1eaf4113e99e6f7e760602c373bc7f1eddd4f878b3f2a88b3b5d4549d1a6a32ef3beaa257329a6b5f09fbb57d11038b026ca934274c638fb5c83858a6bd7

    • SSDEEP

      96:snt32s97liOCmyHPrC6yVWdiJ7mcYbYwuYHkfGm+cW/lI5sdh332lYVHjcPpt4lO:4xPliOCVvyWdQmch38kfGm+tlI5sddGr

    Score
    7/10
    discoveryphishingmicrosoft

    • A potential corporate email address has been identified in the URL: [email protected]

      phishing

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Detected potential entity reuse from brand MICROSOFT.

      phishingmicrosoft
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks