c4cc11590e97c5fb1f58dc56a9f9cb53a5f92d682e01a4da0dc6a7d052285125 | Triage

Sharing

General

Target

c4cc11590e97c5fb1f58dc56a9f9cb53a5f92d682e01a4da0dc6a7d052285125
Size

108KB
Sample

221002-el5b1sgbg7
MD5

709d3d5207839969befcc05a6a66c050
SHA1

2e6decb6fff155c5905c8b7ac93e363b3687ca95
SHA256

c4cc11590e97c5fb1f58dc56a9f9cb53a5f92d682e01a4da0dc6a7d052285125
SHA512

940dcb2dc854e70a4231a2848ab91ef2bf9969acef249f034584e59238b9ce6ed03e1a36078cf02697384448355aa0f15ff7491893850d8b89d6832daa25752b
SSDEEP

1536:6oh/KUjDpavGLLTDqVJd7+tVoXFMNER9CG91NO7Rq28/cvzqwaBu9h:Zh/tDpavG3TmVX+yxrNO7YNUvzoKh

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  c4cc11590e97c5fb1f58dc56a9f9cb53a5f92d682e01a4da0dc6a7d052285125
- Size
  
  108KB
- MD5
  
  709d3d5207839969befcc05a6a66c050
- SHA1
  
  2e6decb6fff155c5905c8b7ac93e363b3687ca95
- SHA256
  
  c4cc11590e97c5fb1f58dc56a9f9cb53a5f92d682e01a4da0dc6a7d052285125
- SHA512
  
  940dcb2dc854e70a4231a2848ab91ef2bf9969acef249f034584e59238b9ce6ed03e1a36078cf02697384448355aa0f15ff7491893850d8b89d6832daa25752b
- SSDEEP
  
  1536:6oh/KUjDpavGLLTDqVJd7+tVoXFMNER9CG91NO7Rq28/cvzqwaBu9h:Zh/tDpavG3TmVX+yxrNO7YNUvzoKh
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing