General

  • Target

    tfwksit.png

  • Size

    269KB

  • Sample

    250410-zagrss11gt

  • MD5

    d6c42db5839899c6f1e7246b7905644c

  • SHA1

    632c2261709e9ca6584b909aa4ff8193942075e5

  • SHA256

    d9814c90272db1c79539450920f6ce99faf865e0092f54beecea3944983be667

  • SHA512

    748f2234b561113fff92b363c9263dbe1d6608e6a0a217f783ef22b7a0bf6ec941d4c717ae22adbe6d43fff9301ab1376f5a1bde337b39928e0b827a92ae8f56

  • SSDEEP

    6144:9wCrnrJmUkyaqJFpzjWiybeS4AKxMAH7LHOdyrhNuU4TFO1L9+:9Prn8oFdGqx7HHHOMr94T894

Malware Config

Targets

    • Target

      tfwksit.png

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Detected potential entity reuse from brand MICROSOFT.
