Overview

overview

8

Static

static

ecf9ce345d...ac.exe

windows7-x64

8

ecf9ce345d...ac.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

  • Size

    289KB

  • Sample

    221003-kdaqbsfah2

  • MD5

    5725a7142c9aae016bf49d3a827a5d97

  • SHA1

    16b86d45da91715d65035ad968fec0b9074c3e7e

  • SHA256

    ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

  • SHA512

    55abe0ee5fab60c98f26c5ffa9b81e11c9c52e5cc35358d470fbb0fc852c5c696ed8103e9a3f1d913791a82f527ed0332a6a072775b8ca48b54f0052c3feb1e5

  • SSDEEP

    6144:t/0uo5P7yKRUWNjNhCHM1S9K/LdC+aAP7Y4:tJCfUa4H2Sy9zF

Score
8/10
microsoftpersistencephishing

Malware Config

Targets

    • Target

      ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

    • Size

      289KB

    • MD5

      5725a7142c9aae016bf49d3a827a5d97

    • SHA1

      16b86d45da91715d65035ad968fec0b9074c3e7e

    • SHA256

      ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

    • SHA512

      55abe0ee5fab60c98f26c5ffa9b81e11c9c52e5cc35358d470fbb0fc852c5c696ed8103e9a3f1d913791a82f527ed0332a6a072775b8ca48b54f0052c3feb1e5

    • SSDEEP

      6144:t/0uo5P7yKRUWNjNhCHM1S9K/LdC+aAP7Y4:tJCfUa4H2Sy9zF

    Score
    8/10
    persistencemicrosoftphishing

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks