Overview

overview

5

Static

static

b5f211e632...bf.exe

windows7-x64

5

b5f211e632...bf.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b5f211e632089024c0ec3f7a10cac50a6f7541fbdfc588f8fdac5ba8b27d9fbf

  • Size

    52KB

  • Sample

    221003-a48d6shea7

  • MD5

    34642e15aac09c299214bacfb3f8d399

  • SHA1

    cde7830a6b399f63dd8a12e44b7759b722519973

  • SHA256

    b5f211e632089024c0ec3f7a10cac50a6f7541fbdfc588f8fdac5ba8b27d9fbf

  • SHA512

    0e3e8634ae33285820c565ede6d3566dab75580114a3dbf57fc245d06055d961a26bfe5a8f9d16e8478c246b523ca0184b88b6577fcafcdf9b55c50864cf7265

  • SSDEEP

    768:9R7+eNd28dSa/7uyrSMBe1QHgkm60GCEduramZ/OCr27c0ZovjU8:nieNfdS+iyjoQHOtzr27cHU

Score
5/10
microsoftphishing

Malware Config

Targets

    • Target

      b5f211e632089024c0ec3f7a10cac50a6f7541fbdfc588f8fdac5ba8b27d9fbf

    • Size

      52KB

    • MD5

      34642e15aac09c299214bacfb3f8d399

    • SHA1

      cde7830a6b399f63dd8a12e44b7759b722519973

    • SHA256

      b5f211e632089024c0ec3f7a10cac50a6f7541fbdfc588f8fdac5ba8b27d9fbf

    • SHA512

      0e3e8634ae33285820c565ede6d3566dab75580114a3dbf57fc245d06055d961a26bfe5a8f9d16e8478c246b523ca0184b88b6577fcafcdf9b55c50864cf7265

    • SSDEEP

      768:9R7+eNd28dSa/7uyrSMBe1QHgkm60GCEduramZ/OCr27c0ZovjU8:nieNfdS+iyjoQHOtzr27cHU

    Score
    5/10
    microsoftphishing

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks