ceab04afd7bb76ba0a4f43a5459bbc6788d2f1aba3b13a68fed96d415a39f338 | Triage

Sharing

General

Target

ceab04afd7bb76ba0a4f43a5459bbc6788d2f1aba3b13a68fed96d415a39f338
Size

54KB
Sample

221001-3f34rsbha8
MD5

61d7385ea4727c10e926b5a17f533c76
SHA1

50bf373a3399d664ee200885adc57dc5d8beb808
SHA256

ceab04afd7bb76ba0a4f43a5459bbc6788d2f1aba3b13a68fed96d415a39f338
SHA512

540a2fb51874208783129b6a4dfbc4a8f89753a6b0bf4db114474b7936bec35a81182593f3767455c16a2999c8878fbff42aec6dd1ebf56066f231a1e1c46f5a
SSDEEP

768:2P2Bbv+VazyoD2zBTU//1mz8+M9GnLEu+2M1FRJS8mt4JuZnJgp:dJv46yoD29TNz8+M9GLfEw8ki

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  ceab04afd7bb76ba0a4f43a5459bbc6788d2f1aba3b13a68fed96d415a39f338
- Size
  
  54KB
- MD5
  
  61d7385ea4727c10e926b5a17f533c76
- SHA1
  
  50bf373a3399d664ee200885adc57dc5d8beb808
- SHA256
  
  ceab04afd7bb76ba0a4f43a5459bbc6788d2f1aba3b13a68fed96d415a39f338
- SHA512
  
  540a2fb51874208783129b6a4dfbc4a8f89753a6b0bf4db114474b7936bec35a81182593f3767455c16a2999c8878fbff42aec6dd1ebf56066f231a1e1c46f5a
- SSDEEP
  
  768:2P2Bbv+VazyoD2zBTU//1mz8+M9GnLEu+2M1FRJS8mt4JuZnJgp:dJv46yoD29TNz8+M9GLfEw8ki
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing