8a273614263f1dbdaa71f3a4844ae3de006fa595039308125d1d3521a41c44eb | Triage

Sharing

General

Target

8a273614263f1dbdaa71f3a4844ae3de006fa595039308125d1d3521a41c44eb
Size

132KB
Sample

221002-nn6gjadcd3
MD5

6fc3c7ecbd3a67ae926e05e417badb70
SHA1

170b7e7ec7bf717cfb0c3c0ff19e40ec10a8418b
SHA256

8a273614263f1dbdaa71f3a4844ae3de006fa595039308125d1d3521a41c44eb
SHA512

21beb35d177e14ca67fd082a45b4f5503899569df2a80bc5f77064414ec2e2d480f5fce53585c05cb26e2ddb860a8a7c59559eb356fe12cd0d65ed313ac4b669
SSDEEP

1536:fQ3+UIA4VwoGdZBqhEHDirBk71WloQA1sDx69n1aztkKOUK8foRXsWK2:o3+UIA4VwoGDBqhElSksQ9na/tK88sW

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  8a273614263f1dbdaa71f3a4844ae3de006fa595039308125d1d3521a41c44eb
- Size
  
  132KB
- MD5
  
  6fc3c7ecbd3a67ae926e05e417badb70
- SHA1
  
  170b7e7ec7bf717cfb0c3c0ff19e40ec10a8418b
- SHA256
  
  8a273614263f1dbdaa71f3a4844ae3de006fa595039308125d1d3521a41c44eb
- SHA512
  
  21beb35d177e14ca67fd082a45b4f5503899569df2a80bc5f77064414ec2e2d480f5fce53585c05cb26e2ddb860a8a7c59559eb356fe12cd0d65ed313ac4b669
- SSDEEP
  
  1536:fQ3+UIA4VwoGdZBqhEHDirBk71WloQA1sDx69n1aztkKOUK8foRXsWK2:o3+UIA4VwoGDBqhElSksQ9na/tK88sW
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing