aa182c1dd15391145126cee64e9f9f19d1f981b87881a0db59150169c47f1f8e | Triage

Sharing

General

Target

aa182c1dd15391145126cee64e9f9f19d1f981b87881a0db59150169c47f1f8e
Size

145KB
Sample

221002-d74f6sfeb6
MD5

720b789eefe099955bbd26736450e920
SHA1

f651c1382a3e9d6cb4e8a955c92c52f394354d74
SHA256

aa182c1dd15391145126cee64e9f9f19d1f981b87881a0db59150169c47f1f8e
SHA512

b20244fe826830265ed4fe60e4a9da39eacdcb7ec4e28d2a723dff1d8f75f75e20dcb1c98f79c7603a0ab3205d9574b44e1c0863c2a83d1755435b70a2e30e0b
SSDEEP

3072:113tVVEvE681agzc4hwt73+3cMeRbMxNipieSqjSsf:7J6+agzth47OMhRbMxL0

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  aa182c1dd15391145126cee64e9f9f19d1f981b87881a0db59150169c47f1f8e
- Size
  
  145KB
- MD5
  
  720b789eefe099955bbd26736450e920
- SHA1
  
  f651c1382a3e9d6cb4e8a955c92c52f394354d74
- SHA256
  
  aa182c1dd15391145126cee64e9f9f19d1f981b87881a0db59150169c47f1f8e
- SHA512
  
  b20244fe826830265ed4fe60e4a9da39eacdcb7ec4e28d2a723dff1d8f75f75e20dcb1c98f79c7603a0ab3205d9574b44e1c0863c2a83d1755435b70a2e30e0b
- SSDEEP
  
  3072:113tVVEvE681agzc4hwt73+3cMeRbMxNipieSqjSsf:7J6+agzth47OMhRbMxL0
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing