General

  • Target

    ja.zip

  • Size

    3KB

  • Sample

    241228-smh23azkaj

  • MD5

    ef2802e82479ed452675b2c13d60295e

  • SHA1

    02232c6eda1f694c56c9dd69ffa0f80a9ad1eaf4

  • SHA256

    16ac15accc7ae3514934ad47e4ab5cad698527be297141b8296a30d589007147

  • SHA512

    516a99dc0c30ea6d6b272d8bac7d4873597f4e141120e0fe38128b8f75b450faa8bf3f47764856c32b269b871c0898168bc2239712a39825fcd53dc6e6411e5c

Targets

    • Target

      pack.png

    • Size

      704B

    • MD5

      28801382ac9d17482d52f018323dc3d3

    • SHA1

      70cf7be57f3292165ea5a9233cfe5c261cadae02

    • SHA256

      6ee012b9259037ee0c13bbe23211894ce6bd4419415a0514046694fc87956267

    • SHA512

      802dee49b1417fca53b0ac0eed7edf2ed3bbf21fbd21d4de843420352e758ddf84bfee0f153fe877b09d5e5ef7e725793a0d9fa83a1b2016cde7730f1a1ba372

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand STEAM.
