cbe9b1beccf512039addaf4b1b3f68958c5485b9ac40afb97bce214300fb7fb0 | Triage

Sharing

General

Target

cbe9b1beccf512039addaf4b1b3f68958c5485b9ac40afb97bce214300fb7fb0
Size

77KB
Sample

221003-qst1eahdcp
MD5

56cd334f2b05a808f0954b304edab2b1
SHA1

0c825a0ffec628d3db8e73ca7df174e3522546e2
SHA256

cbe9b1beccf512039addaf4b1b3f68958c5485b9ac40afb97bce214300fb7fb0
SHA512

fdcac9b8636d82300971635d0d69bf3449b1d7ac71d3f3fc44d4deca6ccec1842b9fcc98c53d9ae0eb81b3e30416ef0fc7de6cfb3e62a43d7dba99c613047676
SSDEEP

1536:n95Epxulddns7pVf8crl+eHXWx4IxxjlyuSEFbqDtynpMBF:nKvf8crl+OXWCuSyFGMnpC

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  cbe9b1beccf512039addaf4b1b3f68958c5485b9ac40afb97bce214300fb7fb0
- Size
  
  77KB
- MD5
  
  56cd334f2b05a808f0954b304edab2b1
- SHA1
  
  0c825a0ffec628d3db8e73ca7df174e3522546e2
- SHA256
  
  cbe9b1beccf512039addaf4b1b3f68958c5485b9ac40afb97bce214300fb7fb0
- SHA512
  
  fdcac9b8636d82300971635d0d69bf3449b1d7ac71d3f3fc44d4deca6ccec1842b9fcc98c53d9ae0eb81b3e30416ef0fc7de6cfb3e62a43d7dba99c613047676
- SSDEEP
  
  1536:n95Epxulddns7pVf8crl+eHXWx4IxxjlyuSEFbqDtynpMBF:nKvf8crl+OXWCuSyFGMnpC
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing