eb12b3e0e80061ae8cc6cccb048b505dc95e8709f6d6a23f86f7d33d6ec3fbdf | Triage

Submit
Reports

Overview

overview

6

Static

static

eb12b3e0e8...df.exe

windows7-x64

3

eb12b3e0e8...df.exe

windows10-2004-x64

6

Sharing

General

Target

eb12b3e0e80061ae8cc6cccb048b505dc95e8709f6d6a23f86f7d33d6ec3fbdf
Size

44KB
Sample

221003-htc5aadhfn
MD5

0a376abb3320642841e1e930c782b823
SHA1

da9ab9dc83b0871e3f0927a2160f3e1a9f0fe0d7
SHA256

eb12b3e0e80061ae8cc6cccb048b505dc95e8709f6d6a23f86f7d33d6ec3fbdf
SHA512

423d9f20372dbe5f4ff0a79614743da4f6171cb3a8a45895ac4ed6128fde13e0abd82fec094f18d096df049549e56008ee0e406f1c2b59be09f511e7e68c8c85
SSDEEP

384:DKUMFZnXUq8vagN7aCY8CtBcelBcowX0SeCXZ1ocHzoMPnMWmLrEeBodtXx/hGsF:DMFZkq8C/uZ1G/E+StXxkdzZBZTnKB

Score

6^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

eb12b3e0e80061ae8cc6cccb048b505dc95e8709f6d6a23f86f7d33d6ec3fbdf.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

eb12b3e0e80061ae8cc6cccb048b505dc95e8709f6d6a23f86f7d33d6ec3fbdf.exe

Resource

win10v2004-20220901-en

microsoft persistence phishing

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  eb12b3e0e80061ae8cc6cccb048b505dc95e8709f6d6a23f86f7d33d6ec3fbdf
- Size
  
  44KB
- MD5
  
  0a376abb3320642841e1e930c782b823
- SHA1
  
  da9ab9dc83b0871e3f0927a2160f3e1a9f0fe0d7
- SHA256
  
  eb12b3e0e80061ae8cc6cccb048b505dc95e8709f6d6a23f86f7d33d6ec3fbdf
- SHA512
  
  423d9f20372dbe5f4ff0a79614743da4f6171cb3a8a45895ac4ed6128fde13e0abd82fec094f18d096df049549e56008ee0e406f1c2b59be09f511e7e68c8c85
- SSDEEP
  
  384:DKUMFZnXUq8vagN7aCY8CtBcelBcowX0SeCXZ1ocHzoMPnMWmLrEeBodtXx/hGsF:DMFZkq8C/uZ1G/E+StXxkdzZBZTnKB
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy