7ece138a48c4d0b668e3d618f655371b4fd786204965fda05b9178036409b103 | Triage

Sharing

General

Target

7ece138a48c4d0b668e3d618f655371b4fd786204965fda05b9178036409b103
Size

198KB
Sample

221003-xa1hssbbdm
MD5

366256c8333c74c6ed3f59239bc20f60
SHA1

75e6ae4e7677a61b9db9213f785b7d22b7e2c258
SHA256

7ece138a48c4d0b668e3d618f655371b4fd786204965fda05b9178036409b103
SHA512

c4c1a8501f87138cab2a806ae222dc4e9fde3ebd7824581cafa37692cfb1a33ccf0167a70f8fec990475c59702321dd293cec8ae501dfd893ba1815aaa0f8ad0
SSDEEP

3072:VK6LU4+ugDnPB1t9VupGg/9MxpgvsoipeRUR5IrCYNsG5d3drafA45Ym5v:VbLv+ugDPBj9VOGK9R1M5o1tra4jm

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  7ece138a48c4d0b668e3d618f655371b4fd786204965fda05b9178036409b103
- Size
  
  198KB
- MD5
  
  366256c8333c74c6ed3f59239bc20f60
- SHA1
  
  75e6ae4e7677a61b9db9213f785b7d22b7e2c258
- SHA256
  
  7ece138a48c4d0b668e3d618f655371b4fd786204965fda05b9178036409b103
- SHA512
  
  c4c1a8501f87138cab2a806ae222dc4e9fde3ebd7824581cafa37692cfb1a33ccf0167a70f8fec990475c59702321dd293cec8ae501dfd893ba1815aaa0f8ad0
- SSDEEP
  
  3072:VK6LU4+ugDnPB1t9VupGg/9MxpgvsoipeRUR5IrCYNsG5d3drafA45Ym5v:VbLv+ugDPBj9VOGK9R1M5o1tra4jm
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing