General

  • Target

    c1f99abbd6fc32710c308a95f1f5d085.png

  • Size

    337KB

  • Sample

    250105-p6qz8svkhx

  • MD5

    91afd5fc0fe489bfbfec31f4a1762f17

  • SHA1

    fb2d2b6703224e572eda8cc62e81e36f637b58db

  • SHA256

    ae28b87597a422cb320b95b787a5c2d530aa282fd76d030eb9863e873b993cc2

  • SHA512

    c1b9e8843480818f36bb17027abe5f32d38007e5a3a75826f0f59aafeba20b5663c0dd04a08abf83ca863cdbab7f702a573a65e442cf4db6cda87b0eea7bd36c

  • SSDEEP

    6144:J7efzbKqyafuPI7VFR+nj1irwMwGCY3kzNgWQzBeazM8s2au20RvlBqg0:JafiryOElwnY0zNXQzYKMzDu9Lqh
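The file above carries a .png name, yet the behaviour signatures in this report (downloads an MZ/PE file, executes a dropped EXE) are those of executable content, so the first check a practitioner wants is whether the bytes on disk are really a PNG, and whether the file in hand is the same one the report hashed. The script below is an added example, not part of the sandbox report or its vendor's tooling: it recomputes the listed digests, compares them with the report values copied from the section above, and classifies the leading bytes as PNG, MZ/PE or unknown. The sample buffers FAKE_PE and FAKE_PNG are constructed for illustration and are not the reported sample.

```python
"""Sample triage helpers: verify report hashes and check magic bytes vs. extension.

Added example, not part of the sandbox report. REPORT_HASHES are copied from the
report above; FAKE_PE and FAKE_PNG are constructed test inputs, not the sample.
"""
import hashlib
from pathlib import Path

# Digests listed in the report (lower-case hex).
REPORT_HASHES = {
    "md5": "91afd5fc0fe489bfbfec31f4a1762f17",
    "sha1": "fb2d2b6703224e572eda8cc62e81e36f637b58db",
    "sha256": "ae28b87597a422cb320b95b787a5c2d530aa282fd76d030eb9863e873b993cc2",
    "sha512": "c1b9e8843480818f36bb17027abe5f32d38007e5a3a75826f0f59aafeba20b5663c0dd04a08abf83ca863cdbab7f702a573a65e442cf4db6cda87b0eea7bd36c",
}

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"

# Constructed inputs: a minimal MZ stub whose e_lfanew (offset 0x3C) points at
# a "PE\0\0" signature at 0x40, and a PNG header followed by padding.
FAKE_PE = b"MZ" + b"\x00" * (0x3C - 2) + (0x40).to_bytes(4, "little") + b"PE\x00\x00"
FAKE_PNG = PNG_MAGIC + b"\x00" * 8


def digest_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of the given bytes."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Compare computed digests with expected ones; returns {algo: bool}.

    Only algorithms present in `expected` are checked; hex case is ignored.
    """
    actual = digest_bytes(data)
    return {algo: actual[algo] == value.lower()
            for algo, value in expected.items() if algo in actual}


def identify_magic(data: bytes) -> str:
    """Classify leading bytes as PNG, MZ/PE, MZ without a PE header, or unknown."""
    if data.startswith(PNG_MAGIC):
        return "PNG"
    if data.startswith(b"MZ"):
        if len(data) >= 0x40:
            e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
            if data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00":
                return "MZ/PE"
        return "MZ (no PE header)"
    return "unknown"


def extension_matches_content(filename: str, data: bytes) -> bool:
    """True when the claimed extension agrees with the detected magic.

    Only .png, .exe and .dll are mapped; any other extension yields False.
    """
    ext = Path(filename).suffix.lower()
    wanted = {".png": "PNG", ".exe": "MZ/PE", ".dll": "MZ/PE"}.get(ext)
    return wanted is not None and identify_magic(data) == wanted


def triage_file(path: str, expected: dict = REPORT_HASHES) -> dict:
    """Read a file and report size, detected magic, extension agreement and hash matches."""
    data = Path(path).read_bytes()
    return {
        "size": len(data),
        "magic": identify_magic(data),
        "extension_ok": extension_matches_content(path, data),
        "hashes": verify_hashes(data, expected),
    }


if __name__ == "__main__":
    import sys
    print(triage_file(sys.argv[1]))
```

Run it as `python triage.py c1f99abbd6fc32710c308a95f1f5d085.png`; all four hash entries should read True for the reported sample, and a `magic` of anything other than PNG with `extension_ok` False confirms the extension is a disguise rather than a mis-labelled image.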

Targets

    • Downloads MZ/PE file

    • Possible privilege escalation attempt

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Detected potential entity reuse from brand MICROSOFT.
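The "Checks installed software" signature above is triggered by reads of the registry Uninstall keys. The distinction a detection needs to draw is between an installer touching its own product entry (benign) and a process walking the whole key to inventory the host. The script below is an added example, not the sandbox's own rule: it scans Procmon-style registry events and flags a process that either calls RegEnumKey on the Uninstall root or reads several distinct product subkeys. The CSV lines in SAMPLE_EVENTS are constructed for illustration (process names dropped.exe, msiexec.exe and explorer.exe, the product names and the PIDs are invented) and are not taken from this report.

```python
"""Flag processes that enumerate installed software via the Uninstall registry keys.

Added example, not the sandbox's signature. Input follows the column layout of a
Procmon CSV export; SAMPLE_EVENTS is constructed and not from the report.
"""
import csv
import io
from collections import defaultdict

# Locations where installed software is enumerated: machine-wide 64-bit view,
# machine-wide 32-bit view, and per-user installs.
UNINSTALL_ROOTS = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)
REG_READ_OPS = {"RegOpenKey", "RegEnumKey", "RegQueryKey", "RegQueryValue"}

# Constructed Procmon-style events. dropped.exe walks the Uninstall key,
# msiexec.exe reads a single product entry, explorer.exe reads something unrelated.
SAMPLE_EVENTS = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:00:01.0000000","dropped.exe","4120","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"10:00:01.0000010","dropped.exe","4120","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0, Name: ProductA"
"10:00:01.0000020","dropped.exe","4120","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 1, Name: ProductB"
"10:00:01.0000030","dropped.exe","4120","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 2, Name: {11111111-2222-3333-4444-555555555555}"
"10:00:01.0000040","dropped.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ProductA\DisplayName","SUCCESS","Type: REG_SZ, Length: 18, Data: Product A"
"10:00:01.0000050","dropped.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ProductB\DisplayName","SUCCESS","Type: REG_SZ, Length: 18, Data: Product B"
"10:00:01.0000060","dropped.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}\DisplayName","SUCCESS","Type: REG_SZ, Length: 20, Data: Product C"
"10:00:02.0000000","msiexec.exe","2200","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ProductA","SUCCESS","Desired Access: Read"
"10:00:02.0000010","msiexec.exe","2200","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ProductA\UninstallString","SUCCESS","Type: REG_SZ, Length: 40, Data: MsiExec.exe /X{...}"
"10:00:03.0000000","explorer.exe","1300","RegQueryValue","HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden","SUCCESS","Type: REG_DWORD, Length: 4, Data: 2"
'''


def parse_events(csv_text: str) -> list:
    """Parse a Procmon CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(csv_text)))


def uninstall_root(path: str):
    """Return the Uninstall root that `path` is, or lies under; None otherwise."""
    upper = path.upper()
    for root in UNINSTALL_ROOTS:
        if upper == root.upper() or upper.startswith(root.upper() + "\\"):
            return root
    return None


def find_enumerators(events: list, min_entries: int = 3) -> dict:
    """Return {(process, pid): {"enumerated_root": bool, "subkeys": [...]}}.

    A process is flagged when it RegEnumKey's an Uninstall root itself, or when it
    reads at least `min_entries` distinct product subkeys. A single-subkey read
    (an installer checking its own product) stays below the threshold.
    """
    subkeys = defaultdict(set)
    enum_root = set()
    for ev in events:
        if ev["Operation"] not in REG_READ_OPS:
            continue
        root = uninstall_root(ev["Path"])
        if root is None:
            continue
        proc = (ev["Process Name"], ev["PID"])
        rest = ev["Path"][len(root):].strip("\\")
        if rest:
            subkeys[proc].add(rest.split("\\")[0])   # first component = product key
        elif ev["Operation"] == "RegEnumKey":
            enum_root.add(proc)                      # walking the root itself
    flagged = {}
    for proc in set(subkeys) | enum_root:
        keys = sorted(subkeys.get(proc, ()))
        if proc in enum_root or len(keys) >= min_entries:
            flagged[proc] = {"enumerated_root": proc in enum_root, "subkeys": keys}
    return flagged


if __name__ == "__main__":
    for (name, pid), info in find_enumerators(parse_events(SAMPLE_EVENTS)).items():
        print(f"{name} (PID {pid}): root enumerated={info['enumerated_root']}, "
              f"{len(info['subkeys'])} product keys read")
```

The threshold is the tuning knob: `min_entries=1` turns every installer and update agent into a hit, while the RegEnumKey-on-root condition catches the inventory behaviour regardless of how many entries the host happens to have.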
