7b27b0847693f4b53ba839a8d98556b904d5e60727eac3974bf3032d014fe9e3 | Triage

Sharing

General

Target

7b27b0847693f4b53ba839a8d98556b904d5e60727eac3974bf3032d014fe9e3
Size

856KB
Sample

221003-yxhryadggk
MD5

40ef2fce43277317d941bab1a6293355
SHA1

10f647e9032fdb44c9538c0704ce0d6cabb33867
SHA256

7b27b0847693f4b53ba839a8d98556b904d5e60727eac3974bf3032d014fe9e3
SHA512

fb06b2df6fc9aee528defc06e04ddccfff63c96b6f78bfc20e50fe2677b59b8698ac5ac5dfa66bf1cb86bf53db5f1e02d0413b09396d649f46f53f0392c3c8c4
SSDEEP

6144:UJyFOLXADQh1O5mNPM0D2FEDEgXhYHXKSXL9N0bzDk5NRmnCO6vIrh9W4UbckJ4t:oyELQDEI04EAihYHfXLc3pW0MIVABeAM

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  7b27b0847693f4b53ba839a8d98556b904d5e60727eac3974bf3032d014fe9e3
- Size
  
  856KB
- MD5
  
  40ef2fce43277317d941bab1a6293355
- SHA1
  
  10f647e9032fdb44c9538c0704ce0d6cabb33867
- SHA256
  
  7b27b0847693f4b53ba839a8d98556b904d5e60727eac3974bf3032d014fe9e3
- SHA512
  
  fb06b2df6fc9aee528defc06e04ddccfff63c96b6f78bfc20e50fe2677b59b8698ac5ac5dfa66bf1cb86bf53db5f1e02d0413b09396d649f46f53f0392c3c8c4
- SSDEEP
  
  6144:UJyFOLXADQh1O5mNPM0D2FEDEgXhYHXKSXL9N0bzDk5NRmnCO6vIrh9W4UbckJ4t:oyELQDEI04EAihYHfXLc3pW0MIVABeAM
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing