39c3bc94da657024ec3131e96b5071d0c605c1f61d40a7cde4919fbcf19a01ff | Triage

Sharing

General

Target

39c3bc94da657024ec3131e96b5071d0c605c1f61d40a7cde4919fbcf19a01ff
Size

228KB
Sample

221002-edf98afgd6
MD5

740df801c26b6fa95b8afe3861bbb84f
SHA1

86a8eeab02f782d14b653d4a42756a968d2f5494
SHA256

39c3bc94da657024ec3131e96b5071d0c605c1f61d40a7cde4919fbcf19a01ff
SHA512

0537a7bb6da72e74e85c9a10010e99199741214d5fcec2ca364d823bb24158adc8267f7de4109ccf09233446f8b1fb8e9e93b23cb516cc242fa325033d64e614
SSDEEP

6144:XGks8C+sEQDu0irIuU5pmZbgXooP17xerO:E8jsx085pmZUPbcO

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  39c3bc94da657024ec3131e96b5071d0c605c1f61d40a7cde4919fbcf19a01ff
- Size
  
  228KB
- MD5
  
  740df801c26b6fa95b8afe3861bbb84f
- SHA1
  
  86a8eeab02f782d14b653d4a42756a968d2f5494
- SHA256
  
  39c3bc94da657024ec3131e96b5071d0c605c1f61d40a7cde4919fbcf19a01ff
- SHA512
  
  0537a7bb6da72e74e85c9a10010e99199741214d5fcec2ca364d823bb24158adc8267f7de4109ccf09233446f8b1fb8e9e93b23cb516cc242fa325033d64e614
- SSDEEP
  
  6144:XGks8C+sEQDu0irIuU5pmZbgXooP17xerO:E8jsx085pmZUPbcO
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing