d96529f3e5d94ba0742ec7a86f0b24a04201dd88064132c905e2d0e9217a2bbe | Triage

Sharing

General

Target

d96529f3e5d94ba0742ec7a86f0b24a04201dd88064132c905e2d0e9217a2bbe
Size

20KB
Sample

221003-s7fgnsddc8
MD5

519ec5235e767e8ce5c04a1e73ae25b0
SHA1

511fb4a1103e5448337c31670e2b37ee40c98d0b
SHA256

d96529f3e5d94ba0742ec7a86f0b24a04201dd88064132c905e2d0e9217a2bbe
SHA512

7703e00cf148bb72ae7e2bda40febd5e2508825ad5b7936545e7bc29c2aa32652d746dd90bdfbca2efe509218e44a65b2584e1d2a38071869f509b21e7b4e6c5
SSDEEP

384:hWZ71xBX3RZjmDZBv0xAXZWYfW1xz4PJTVYOxR3V/WXR4:s72mEHnZUO

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  d96529f3e5d94ba0742ec7a86f0b24a04201dd88064132c905e2d0e9217a2bbe
- Size
  
  20KB
- MD5
  
  519ec5235e767e8ce5c04a1e73ae25b0
- SHA1
  
  511fb4a1103e5448337c31670e2b37ee40c98d0b
- SHA256
  
  d96529f3e5d94ba0742ec7a86f0b24a04201dd88064132c905e2d0e9217a2bbe
- SHA512
  
  7703e00cf148bb72ae7e2bda40febd5e2508825ad5b7936545e7bc29c2aa32652d746dd90bdfbca2efe509218e44a65b2584e1d2a38071869f509b21e7b4e6c5
- SSDEEP
  
  384:hWZ71xBX3RZjmDZBv0xAXZWYfW1xz4PJTVYOxR3V/WXR4:s72mEHnZUO
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing