1859bd158d3b72097121866f709d574e649aa87a6b5c53095e8902b49f39951a | Triage

Sharing

General

Target

1859bd158d3b72097121866f709d574e649aa87a6b5c53095e8902b49f39951a
Size

148KB
Sample

221004-e189hscbbn
MD5

4846921ebf3bec81cb4bc6c13690f73d
SHA1

9d768d834e2780160db2e19fa9b87a5c776e776c
SHA256

1859bd158d3b72097121866f709d574e649aa87a6b5c53095e8902b49f39951a
SHA512

ce5b1eb8e5d0d37b93c7bc2a92545d2f23a4344285fa21b548b18eeecd79d876d293ebcb60e5e194dd17bd7a33e214c9cc7d186bbf82f42ae55e9f90ff7cc514
SSDEEP

3072:dBUHz2Df29SAyL2QwI/nFtMcN/7yQvsIkS/brhvz671UBw50Kvx:d6HyS9mLuitverBYZG7gKvx

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  1859bd158d3b72097121866f709d574e649aa87a6b5c53095e8902b49f39951a
- Size
  
  148KB
- MD5
  
  4846921ebf3bec81cb4bc6c13690f73d
- SHA1
  
  9d768d834e2780160db2e19fa9b87a5c776e776c
- SHA256
  
  1859bd158d3b72097121866f709d574e649aa87a6b5c53095e8902b49f39951a
- SHA512
  
  ce5b1eb8e5d0d37b93c7bc2a92545d2f23a4344285fa21b548b18eeecd79d876d293ebcb60e5e194dd17bd7a33e214c9cc7d186bbf82f42ae55e9f90ff7cc514
- SSDEEP
  
  3072:dBUHz2Df29SAyL2QwI/nFtMcN/7yQvsIkS/brhvz671UBw50Kvx:d6HyS9mLuitverBYZG7gKvx
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing