81404f86c3b7bdec0404ed5d573e1b690e0b8a7093cf32a1fbd694df00f87653 | Triage

Sharing

General

Target

81404f86c3b7bdec0404ed5d573e1b690e0b8a7093cf32a1fbd694df00f87653
Size

14KB
Sample

221002-p9h4sshdhj
MD5

708b1a2dc02a08436d09eb4a2aa15225
SHA1

40a4c25223021cb22a83f6ca66f5c95e1d116271
SHA256

81404f86c3b7bdec0404ed5d573e1b690e0b8a7093cf32a1fbd694df00f87653
SHA512

883fa66b346fdbb5da1c79531ab772487966f638e56ea2a4274244285c7a2c358f2c06e60f74580f7b97c8f7f02a6379e49241d5b9ee5ab262871b0ed68b5a75
SSDEEP

384:1F3vbQwxS6FP8Ks7zrelNg94lGMhUAmJOTbmn:1F3DQwxS6Z/4elNg9+yJ3

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  81404f86c3b7bdec0404ed5d573e1b690e0b8a7093cf32a1fbd694df00f87653
- Size
  
  14KB
- MD5
  
  708b1a2dc02a08436d09eb4a2aa15225
- SHA1
  
  40a4c25223021cb22a83f6ca66f5c95e1d116271
- SHA256
  
  81404f86c3b7bdec0404ed5d573e1b690e0b8a7093cf32a1fbd694df00f87653
- SHA512
  
  883fa66b346fdbb5da1c79531ab772487966f638e56ea2a4274244285c7a2c358f2c06e60f74580f7b97c8f7f02a6379e49241d5b9ee5ab262871b0ed68b5a75
- SSDEEP
  
  384:1F3vbQwxS6FP8Ks7zrelNg94lGMhUAmJOTbmn:1F3DQwxS6Z/4elNg9+yJ3
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing