18251337057d6fe618d3cbea69d49d0a2499821e741eae38d8f1a3b71244c051 | Triage

Sharing

General

Target

18251337057d6fe618d3cbea69d49d0a2499821e741eae38d8f1a3b71244c051
Size

17KB
Sample

221002-g3rtcsbgb9
MD5

45094f97583be3744b029bd3eb59c1f0
SHA1

1fed260f32950b4203f2460fb14cc8e4af2ac493
SHA256

18251337057d6fe618d3cbea69d49d0a2499821e741eae38d8f1a3b71244c051
SHA512

0b4d5491524aac423d351e7e0936ea9af6c83f4654120b0a8e5ddb114075ff8dd56892d4ac3e470ce776d3df69c117bfca5dedab4425c0d545484425ea94d0c6
SSDEEP

384:/7PWwyyb5KmA1e8aOvKE2tArX5S5vrHHA/j77:DPWwyypAAQf2GrXWAjP

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  18251337057d6fe618d3cbea69d49d0a2499821e741eae38d8f1a3b71244c051
- Size
  
  17KB
- MD5
  
  45094f97583be3744b029bd3eb59c1f0
- SHA1
  
  1fed260f32950b4203f2460fb14cc8e4af2ac493
- SHA256
  
  18251337057d6fe618d3cbea69d49d0a2499821e741eae38d8f1a3b71244c051
- SHA512
  
  0b4d5491524aac423d351e7e0936ea9af6c83f4654120b0a8e5ddb114075ff8dd56892d4ac3e470ce776d3df69c117bfca5dedab4425c0d545484425ea94d0c6
- SSDEEP
  
  384:/7PWwyyb5KmA1e8aOvKE2tArX5S5vrHHA/j77:DPWwyypAAQf2GrXWAjP
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing