533369f756dbd8fa50d8379a20b3f7482fcb7b8f63d56cbf87bc48a28867da12 | Triage

Sharing

General

Target

533369f756dbd8fa50d8379a20b3f7482fcb7b8f63d56cbf87bc48a28867da12
Size

884KB
Sample

221003-e4et3sgaf7
MD5

44d4fd62cc32efc42c13ea3918beb370
SHA1

e6153fa28896ebee6d5bbeb6e1756ee8f618c2b7
SHA256

533369f756dbd8fa50d8379a20b3f7482fcb7b8f63d56cbf87bc48a28867da12
SHA512

22b9c3738a173966cdf0bdacead23a28ed3dcafb0be982abd86a7aa76963df0c3b05400644ca3262090cc59d46d2baf4cee2c238e5f51df5604bc0b5c7e17a51
SSDEEP

6144:dJyFOLXADQh1O5mNPM0D2FEDEgXhYHXKSXn9N0bzDk5NRmnCO6vIrh9W4UbckJ4g:fyELQDEI04EAihYHfXnc3pW0MIVABe

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  533369f756dbd8fa50d8379a20b3f7482fcb7b8f63d56cbf87bc48a28867da12
- Size
  
  884KB
- MD5
  
  44d4fd62cc32efc42c13ea3918beb370
- SHA1
  
  e6153fa28896ebee6d5bbeb6e1756ee8f618c2b7
- SHA256
  
  533369f756dbd8fa50d8379a20b3f7482fcb7b8f63d56cbf87bc48a28867da12
- SHA512
  
  22b9c3738a173966cdf0bdacead23a28ed3dcafb0be982abd86a7aa76963df0c3b05400644ca3262090cc59d46d2baf4cee2c238e5f51df5604bc0b5c7e17a51
- SSDEEP
  
  6144:dJyFOLXADQh1O5mNPM0D2FEDEgXhYHXKSXn9N0bzDk5NRmnCO6vIrh9W4UbckJ4g:fyELQDEI04EAihYHfXnc3pW0MIVABe
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing