Resubmissions

23-12-2024 10:50

241223-mxbg3sypek 1

23-12-2024 10:41

241223-mq5scayndp 8

General

  • Target

    http://youtube.com

  • Sample

    241223-mq5scayndp

Malware Config

Targets

    • Modifies RDP port number used by Windows

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks registry for disk virtualization

      Detecting virtualization disks is often done to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Remote Services: SMB/Windows Admin Shares

      Adversaries may use Valid Accounts to interact with a remote network share using Server Message Block (SMB).

    • Detected potential entity reuse from brand MICROSOFT.

MITRE ATT&CK Enterprise v15

Tasks