a37e207560cd433ec1c6c02af92a6a23f5976a138e61e73ab8edcb85c96f6cba | Triage

Sharing

General

Target

a37e207560cd433ec1c6c02af92a6a23f5976a138e61e73ab8edcb85c96f6cba
Size

34KB
Sample

221002-d8d8nsfec7
MD5

6da1c0ad910523cbc8f27a8920668a10
SHA1

0d6dc266ae7be363c95069d7e84fc5c14d07c128
SHA256

a37e207560cd433ec1c6c02af92a6a23f5976a138e61e73ab8edcb85c96f6cba
SHA512

554a0c68bb6335b0f71fd3364d8d911bed2cf5a6be4def4df845cf7fc665d57abd003e2acaa716f020acb5138f99642136bd1b468cd57ba9e2a59ba11e1b7d9b
SSDEEP

768:KE9RQ3mWlM8w2pPK61gi0As39hw2/WMAdM4TZlzT:KE9RQ3dC89t1q3n4TZlP

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  a37e207560cd433ec1c6c02af92a6a23f5976a138e61e73ab8edcb85c96f6cba
- Size
  
  34KB
- MD5
  
  6da1c0ad910523cbc8f27a8920668a10
- SHA1
  
  0d6dc266ae7be363c95069d7e84fc5c14d07c128
- SHA256
  
  a37e207560cd433ec1c6c02af92a6a23f5976a138e61e73ab8edcb85c96f6cba
- SHA512
  
  554a0c68bb6335b0f71fd3364d8d911bed2cf5a6be4def4df845cf7fc665d57abd003e2acaa716f020acb5138f99642136bd1b468cd57ba9e2a59ba11e1b7d9b
- SSDEEP
  
  768:KE9RQ3mWlM8w2pPK61gi0As39hw2/WMAdM4TZlzT:KE9RQ3dC89t1q3n4TZlP
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing