8ecbd16910d56516d4289e0e50334bf5e82de419b6b575a28ac8d955570d2abd | Triage

Sharing

General

Target

8ecbd16910d56516d4289e0e50334bf5e82de419b6b575a28ac8d955570d2abd
Size

97KB
Sample

221003-aghv1aged6
MD5

7243639111345815b1063c5151e35420
SHA1

a8df282e8ad611607fcdd482722fbf5e52e00217
SHA256

8ecbd16910d56516d4289e0e50334bf5e82de419b6b575a28ac8d955570d2abd
SHA512

ca1c5511e82f23813e67ffe2124d983e31fddc346b0ef337313e3b8e896b2c07072c3ea27bd890c62812c629d193475b99ea8f553309d7d5a2f44a6318c28416
SSDEEP

3072:nP51eypHeI1U4DRlbrGG6uaNVtN0OIa5SBVp1mDB:nPDDHeI1U4DRlbqVzHIK

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  8ecbd16910d56516d4289e0e50334bf5e82de419b6b575a28ac8d955570d2abd
- Size
  
  97KB
- MD5
  
  7243639111345815b1063c5151e35420
- SHA1
  
  a8df282e8ad611607fcdd482722fbf5e52e00217
- SHA256
  
  8ecbd16910d56516d4289e0e50334bf5e82de419b6b575a28ac8d955570d2abd
- SHA512
  
  ca1c5511e82f23813e67ffe2124d983e31fddc346b0ef337313e3b8e896b2c07072c3ea27bd890c62812c629d193475b99ea8f553309d7d5a2f44a6318c28416
- SSDEEP
  
  3072:nP51eypHeI1U4DRlbrGG6uaNVtN0OIa5SBVp1mDB:nPDDHeI1U4DRlbqVzHIK
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing