920c9bc7e54b4118943a942288d63388ea8e2d77d5de5673156a04cbdf49aae2 | Triage

Sharing

General

Target

920c9bc7e54b4118943a942288d63388ea8e2d77d5de5673156a04cbdf49aae2
Size

209KB
Sample

221003-v3l5rsghdm
MD5

02ec8ec1f5e97610ce62971f341d2450
SHA1

7eacf1422b184716b6877cf7b48563c8daf92411
SHA256

920c9bc7e54b4118943a942288d63388ea8e2d77d5de5673156a04cbdf49aae2
SHA512

4c649da19f595c629da5ffd0970526979ad3c8c2005a8a0ec6fe40ddce2d8f7794690f7da6aef4d40f385cc73cc380fbaab0479c20ad1b76fa88f48f649430d9
SSDEEP

6144:BaxFOvfhde7YK3pBZ8OfTSFzWg4LAoPdgN:Cqep/v/LAS6

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  920c9bc7e54b4118943a942288d63388ea8e2d77d5de5673156a04cbdf49aae2
- Size
  
  209KB
- MD5
  
  02ec8ec1f5e97610ce62971f341d2450
- SHA1
  
  7eacf1422b184716b6877cf7b48563c8daf92411
- SHA256
  
  920c9bc7e54b4118943a942288d63388ea8e2d77d5de5673156a04cbdf49aae2
- SHA512
  
  4c649da19f595c629da5ffd0970526979ad3c8c2005a8a0ec6fe40ddce2d8f7794690f7da6aef4d40f385cc73cc380fbaab0479c20ad1b76fa88f48f649430d9
- SSDEEP
  
  6144:BaxFOvfhde7YK3pBZ8OfTSFzWg4LAoPdgN:Cqep/v/LAS6
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing