dcefd56133f9aa62fbebaf85ff265d627b967c87db4581e1915b33ebab06e789 | Triage

Submit
Reports

Overview

overview

6

Static

static

dcefd56133...89.exe

windows7-x64

1

dcefd56133...89.exe

windows10-2004-x64

6

Sharing

General

Target

dcefd56133f9aa62fbebaf85ff265d627b967c87db4581e1915b33ebab06e789
Size

172KB
Sample

221003-kbz77sgeeq
MD5

3c66118313e326cbadbae173bd5f73a9
SHA1

445424426aac2ca7fbaaabcb4270c04e3a4d5f50
SHA256

dcefd56133f9aa62fbebaf85ff265d627b967c87db4581e1915b33ebab06e789
SHA512

f4b47fe86c222c27961ee70fc3c63d14cde736c25fa5814ae019216c1149e1a8e0bfaa7d1da4d349573590a2feeab1dba1306c0c5241a8f02e811fc0180cadb2
SSDEEP

3072:flpEfu5mz5RqgF+Jn9bl9Z2mZTecyUCaHKG3+MKHdTrU0UFSp0:tpwukzt+Jn9bZ2mZT1yUCmZ0UAS

Score

6^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

dcefd56133f9aa62fbebaf85ff265d627b967c87db4581e1915b33ebab06e789.exe

Resource

win7-20220901-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

dcefd56133f9aa62fbebaf85ff265d627b967c87db4581e1915b33ebab06e789.exe

Resource

win10v2004-20220901-en

microsoft persistence phishing

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  dcefd56133f9aa62fbebaf85ff265d627b967c87db4581e1915b33ebab06e789
- Size
  
  172KB
- MD5
  
  3c66118313e326cbadbae173bd5f73a9
- SHA1
  
  445424426aac2ca7fbaaabcb4270c04e3a4d5f50
- SHA256
  
  dcefd56133f9aa62fbebaf85ff265d627b967c87db4581e1915b33ebab06e789
- SHA512
  
  f4b47fe86c222c27961ee70fc3c63d14cde736c25fa5814ae019216c1149e1a8e0bfaa7d1da4d349573590a2feeab1dba1306c0c5241a8f02e811fc0180cadb2
- SSDEEP
  
  3072:flpEfu5mz5RqgF+Jn9bl9Z2mZTecyUCaHKG3+MKHdTrU0UFSp0:tpwukzt+Jn9bZ2mZT1yUCmZ0UAS
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy