a2dbc6d2f83b671069df302103c0d5551229852061f03c1998ed88e081d0d109 | Triage

Sharing

General

Target

a2dbc6d2f83b671069df302103c0d5551229852061f03c1998ed88e081d0d109
Size

136KB
Sample

221001-vxqk1ahdhj
MD5

6bb487d7a5c8ecda9c14c1e94c0329fd
SHA1

a6543b6f66627f0117520906b35500fc7433613f
SHA256

a2dbc6d2f83b671069df302103c0d5551229852061f03c1998ed88e081d0d109
SHA512

bbe2d8051138ea0f9bc4d30bdb5275e576c244218ae390405691c770fa8c76bd5647ba8020be57c98ff073b6e6b3a8a3cc007c06f8fa5f6c73c2c2756d53c7ca
SSDEEP

3072:r2yhKkTuu7RZsAvA6pAp+0nDZSEFUBoRjUpYpl:qyhKkTucZy6pAp+0dTmQl

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  a2dbc6d2f83b671069df302103c0d5551229852061f03c1998ed88e081d0d109
- Size
  
  136KB
- MD5
  
  6bb487d7a5c8ecda9c14c1e94c0329fd
- SHA1
  
  a6543b6f66627f0117520906b35500fc7433613f
- SHA256
  
  a2dbc6d2f83b671069df302103c0d5551229852061f03c1998ed88e081d0d109
- SHA512
  
  bbe2d8051138ea0f9bc4d30bdb5275e576c244218ae390405691c770fa8c76bd5647ba8020be57c98ff073b6e6b3a8a3cc007c06f8fa5f6c73c2c2756d53c7ca
- SSDEEP
  
  3072:r2yhKkTuu7RZsAvA6pAp+0nDZSEFUBoRjUpYpl:qyhKkTucZy6pAp+0dTmQl
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing