d8b0afe186d27036726354b56097cb27959f28908cb5aaec5ff41c0d97261d44 | Triage

Sharing

General

Target

d8b0afe186d27036726354b56097cb27959f28908cb5aaec5ff41c0d97261d44
Size

92KB
Sample

221003-eglzwafac7
MD5

098d8a44ccf1b0def7657d50837313f4
SHA1

08d64f2754929676921947f20f48fa4dbfeaf23f
SHA256

d8b0afe186d27036726354b56097cb27959f28908cb5aaec5ff41c0d97261d44
SHA512

59b28df0e82bb085ba89c43832c0df1f413d339836d1c9c4160a12529df147f1142271e9a44f3489533d593db6b6acec1521c22e7824a64340804b7eece1a28e
SSDEEP

1536:2uV2VFS7IYcP6vl7QQgbcy6me8io3yHql:O3PrCvlHQKo3G

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  d8b0afe186d27036726354b56097cb27959f28908cb5aaec5ff41c0d97261d44
- Size
  
  92KB
- MD5
  
  098d8a44ccf1b0def7657d50837313f4
- SHA1
  
  08d64f2754929676921947f20f48fa4dbfeaf23f
- SHA256
  
  d8b0afe186d27036726354b56097cb27959f28908cb5aaec5ff41c0d97261d44
- SHA512
  
  59b28df0e82bb085ba89c43832c0df1f413d339836d1c9c4160a12529df147f1142271e9a44f3489533d593db6b6acec1521c22e7824a64340804b7eece1a28e
- SSDEEP
  
  1536:2uV2VFS7IYcP6vl7QQgbcy6me8io3yHql:O3PrCvlHQKo3G
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing