cb71899e8e819dad3ee7b2cffc01bcf9ef127d3a48c7a4b34afb7600bdbadea7 | Triage

Sharing

General

Target

cb71899e8e819dad3ee7b2cffc01bcf9ef127d3a48c7a4b34afb7600bdbadea7
Size

1.1MB
Sample

221003-vvvf6sgeb2
MD5

4246990a38dee2f7a52eb5fce2add740
SHA1

b60f6e992a44edd702597c52b3b94590c756206c
SHA256

cb71899e8e819dad3ee7b2cffc01bcf9ef127d3a48c7a4b34afb7600bdbadea7
SHA512

e99b32d66184b0853c4009a167994fced8b81749e0f060286019c61aaeda10dd45d56158037feff6633c42e5d2fa6547809217689340b4ee857d23f7d80bf744
SSDEEP

24576:FpxK03WqqZFqPimXPuxadXezUNVfaLm4AuVg:HxnwZE6mXPuxadXezN

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  cb71899e8e819dad3ee7b2cffc01bcf9ef127d3a48c7a4b34afb7600bdbadea7
- Size
  
  1.1MB
- MD5
  
  4246990a38dee2f7a52eb5fce2add740
- SHA1
  
  b60f6e992a44edd702597c52b3b94590c756206c
- SHA256
  
  cb71899e8e819dad3ee7b2cffc01bcf9ef127d3a48c7a4b34afb7600bdbadea7
- SHA512
  
  e99b32d66184b0853c4009a167994fced8b81749e0f060286019c61aaeda10dd45d56158037feff6633c42e5d2fa6547809217689340b4ee857d23f7d80bf744
- SSDEEP
  
  24576:FpxK03WqqZFqPimXPuxadXezUNVfaLm4AuVg:HxnwZE6mXPuxadXezN
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing