d9492d0d917ef60315cb88ca38fd81c491f17c944a57cfadd20fb0747627616a | Triage

Sharing

General

Target

d9492d0d917ef60315cb88ca38fd81c491f17c944a57cfadd20fb0747627616a
Size

40KB
Sample

221001-13ch8ahed7
MD5

6137fc7f4d6fccbfb929eef4f0832b40
SHA1

17541dfca8697662f3ababf055489420e5c2639c
SHA256

d9492d0d917ef60315cb88ca38fd81c491f17c944a57cfadd20fb0747627616a
SHA512

f878e3b71b15fad32603219e8c621bad03e13340a4aa7fb2a51cdb16a64993022f163a562f6f91dd1df12907fddc5c977a3aa4d4e5e3c94479bf9659c563a155
SSDEEP

768:YCs97GGVUMZBCLUvjj2k6tnZ7wPda7+Wo68JD4+6K:Y19UMjCLUv/f6tZ7w1motcK

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  d9492d0d917ef60315cb88ca38fd81c491f17c944a57cfadd20fb0747627616a
- Size
  
  40KB
- MD5
  
  6137fc7f4d6fccbfb929eef4f0832b40
- SHA1
  
  17541dfca8697662f3ababf055489420e5c2639c
- SHA256
  
  d9492d0d917ef60315cb88ca38fd81c491f17c944a57cfadd20fb0747627616a
- SHA512
  
  f878e3b71b15fad32603219e8c621bad03e13340a4aa7fb2a51cdb16a64993022f163a562f6f91dd1df12907fddc5c977a3aa4d4e5e3c94479bf9659c563a155
- SSDEEP
  
  768:YCs97GGVUMZBCLUvjj2k6tnZ7wPda7+Wo68JD4+6K:Y19UMjCLUv/f6tZ7w1motcK
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing