ff95adef45524efd6220db583fd57d64ff00be90d9b2540d25d625449fb45d6b | Triage

Sharing

General

Target

ff95adef45524efd6220db583fd57d64ff00be90d9b2540d25d625449fb45d6b
Size

464KB
Sample

221003-f5jp4abadm
MD5

615cc56e248d9fd6f35c4f0a50162efa
SHA1

bae488669bb51773184583230cc9033552282800
SHA256

ff95adef45524efd6220db583fd57d64ff00be90d9b2540d25d625449fb45d6b
SHA512

38fbf5678fec9ac314e184bfad3172a7bcc0a100e4ddaa98b8c762c28d973e7cfeae11498d3759ab47b32a8db67334c3ac91e3a798721fdb0ed9dece612fc569
SSDEEP

6144:TV2RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uTomE5ONNXBuWoJBO9OMbHLQ:Z2EB0NxDIBuOFe7/uTomm0NxDIBuO

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  ff95adef45524efd6220db583fd57d64ff00be90d9b2540d25d625449fb45d6b
- Size
  
  464KB
- MD5
  
  615cc56e248d9fd6f35c4f0a50162efa
- SHA1
  
  bae488669bb51773184583230cc9033552282800
- SHA256
  
  ff95adef45524efd6220db583fd57d64ff00be90d9b2540d25d625449fb45d6b
- SHA512
  
  38fbf5678fec9ac314e184bfad3172a7bcc0a100e4ddaa98b8c762c28d973e7cfeae11498d3759ab47b32a8db67334c3ac91e3a798721fdb0ed9dece612fc569
- SSDEEP
  
  6144:TV2RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uTomE5ONNXBuWoJBO9OMbHLQ:Z2EB0NxDIBuOFe7/uTomm0NxDIBuO
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing