a171a1383d3fc6416710c636d9677b68a6fcf3a517f6b743d7ff2f6d8a60bd1b | Triage

Sharing

General

Target

a171a1383d3fc6416710c636d9677b68a6fcf3a517f6b743d7ff2f6d8a60bd1b
Size

5.1MB
Sample

221001-vwsc7sgea6
MD5

6405c0730396c39b25e44b944e7dfa14
SHA1

50b5d6b02d22cd03f6b633e830c1addaf339bc1f
SHA256

a171a1383d3fc6416710c636d9677b68a6fcf3a517f6b743d7ff2f6d8a60bd1b
SHA512

bb8bfa19e66e18c2f7f39b67a89174e48b4c037f5b2c6700c8a9bdea2be7ea62c89ab8bb99f0262299747d6023a0846ae0bfa45962a1188c35ecf357cc7a87fa
SSDEEP

98304:ShJYUlhaoF18cv9w2meTA4yxhnRWuL6/IdV4+uIqx5DjfoTsp/:IJlhz1hv9w2NA4yxhRp4+Yh4w

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  a171a1383d3fc6416710c636d9677b68a6fcf3a517f6b743d7ff2f6d8a60bd1b
- Size
  
  5.1MB
- MD5
  
  6405c0730396c39b25e44b944e7dfa14
- SHA1
  
  50b5d6b02d22cd03f6b633e830c1addaf339bc1f
- SHA256
  
  a171a1383d3fc6416710c636d9677b68a6fcf3a517f6b743d7ff2f6d8a60bd1b
- SHA512
  
  bb8bfa19e66e18c2f7f39b67a89174e48b4c037f5b2c6700c8a9bdea2be7ea62c89ab8bb99f0262299747d6023a0846ae0bfa45962a1188c35ecf357cc7a87fa
- SSDEEP
  
  98304:ShJYUlhaoF18cv9w2meTA4yxhnRWuL6/IdV4+uIqx5DjfoTsp/:IJlhz1hv9w2NA4yxhRp4+Yh4w
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing