c789917d81c512721b9805834cace72408df2f2058895e356083e43a699c809d | Triage

Sharing

General

Target

c789917d81c512721b9805834cace72408df2f2058895e356083e43a699c809d
Size

42KB
Sample

221003-s7gdzaddd2
MD5

549bd75235d9f2f9ac9f95cc33d79e40
SHA1

22f51cae435ebb97f92ee9f22a9f3f170b48caa6
SHA256

c789917d81c512721b9805834cace72408df2f2058895e356083e43a699c809d
SHA512

83d518bb92f5efb03ae51d0308159acdfa2003dccfac99c1a3002680753f2205e23447e64365c7f547d8482afc6c2791d20d2a80c12cbd1eef5074ba476e7291
SSDEEP

768:AknYgtFvqTOYq8ow+F0gJZzA+gNVM2oqfatHFAP1K4S:AkoxNoT5A+n2dCtl2nS

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  c789917d81c512721b9805834cace72408df2f2058895e356083e43a699c809d
- Size
  
  42KB
- MD5
  
  549bd75235d9f2f9ac9f95cc33d79e40
- SHA1
  
  22f51cae435ebb97f92ee9f22a9f3f170b48caa6
- SHA256
  
  c789917d81c512721b9805834cace72408df2f2058895e356083e43a699c809d
- SHA512
  
  83d518bb92f5efb03ae51d0308159acdfa2003dccfac99c1a3002680753f2205e23447e64365c7f547d8482afc6c2791d20d2a80c12cbd1eef5074ba476e7291
- SSDEEP
  
  768:AknYgtFvqTOYq8ow+F0gJZzA+gNVM2oqfatHFAP1K4S:AkoxNoT5A+n2dCtl2nS
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing