4bddf74f407c218fc0fe77cd274f953fbe68e7d0411d71d0d57c9a32b223c344 | Triage

Sharing

General

Target

4bddf74f407c218fc0fe77cd274f953fbe68e7d0411d71d0d57c9a32b223c344
Size

70KB
Sample

221002-r8hgzsbdb6
MD5

6e15ba2a0024d4645ec521517e256c50
SHA1

efeb70f77e60a24bd43fb1f4f2bc84d91ddc1367
SHA256

4bddf74f407c218fc0fe77cd274f953fbe68e7d0411d71d0d57c9a32b223c344
SHA512

a620919f5673f3d592fed66473dfefc00aa3fea5e6f10747ab861337428bdc8ad9ff09840bf2a0e5c1270b4d13a7e979d5d3a8e578d0dca3cf465805abbed579
SSDEEP

768:XElGiBcBui2FjUwF0wdPVv/rJMDzdFRJfSt3x1wV3e3qtAcyMc8JZdfrKf5m:0lGBu/jjPVv/tMDzxJGCVO3GOMlIm

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  4bddf74f407c218fc0fe77cd274f953fbe68e7d0411d71d0d57c9a32b223c344
- Size
  
  70KB
- MD5
  
  6e15ba2a0024d4645ec521517e256c50
- SHA1
  
  efeb70f77e60a24bd43fb1f4f2bc84d91ddc1367
- SHA256
  
  4bddf74f407c218fc0fe77cd274f953fbe68e7d0411d71d0d57c9a32b223c344
- SHA512
  
  a620919f5673f3d592fed66473dfefc00aa3fea5e6f10747ab861337428bdc8ad9ff09840bf2a0e5c1270b4d13a7e979d5d3a8e578d0dca3cf465805abbed579
- SSDEEP
  
  768:XElGiBcBui2FjUwF0wdPVv/rJMDzdFRJfSt3x1wV3e3qtAcyMc8JZdfrKf5m:0lGBu/jjPVv/tMDzxJGCVO3GOMlIm
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing