a6beb8c05ba8cd12f2246740e386195c773d7b3ded23146bd2103ba67df5cad6 | Triage

Sharing

General

Target

a6beb8c05ba8cd12f2246740e386195c773d7b3ded23146bd2103ba67df5cad6
Size

54KB
Sample

221004-dmkhkaabek
MD5

27c33448c50d5ded300ace54d5257680
SHA1

bf3d1e54786f72ef3cdbfc517ca3d6b0e5ac0b16
SHA256

a6beb8c05ba8cd12f2246740e386195c773d7b3ded23146bd2103ba67df5cad6
SHA512

64dbf9c92755ac767562ecfa9eee89fcbc9827f650e762b009e4640fc8c8e8e5b517c9eee5ad6fc4c7de2102d6ba0402ba5a12602105f5bd427bea45c1dbf934
SSDEEP

768:2P2Bbv+VazyoD2zBTU//1mz8+M9GnLEu+2M1FRJS8mtvdnm0A0:dJv46yoD29TNz8+M9GLfEw8kv4k

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  a6beb8c05ba8cd12f2246740e386195c773d7b3ded23146bd2103ba67df5cad6
- Size
  
  54KB
- MD5
  
  27c33448c50d5ded300ace54d5257680
- SHA1
  
  bf3d1e54786f72ef3cdbfc517ca3d6b0e5ac0b16
- SHA256
  
  a6beb8c05ba8cd12f2246740e386195c773d7b3ded23146bd2103ba67df5cad6
- SHA512
  
  64dbf9c92755ac767562ecfa9eee89fcbc9827f650e762b009e4640fc8c8e8e5b517c9eee5ad6fc4c7de2102d6ba0402ba5a12602105f5bd427bea45c1dbf934
- SSDEEP
  
  768:2P2Bbv+VazyoD2zBTU//1mz8+M9GnLEu+2M1FRJS8mtvdnm0A0:dJv46yoD29TNz8+M9GLfEw8kv4k
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing