d90f0a913f11c8594ebfd4dd2545a5e4476b702cb3fe1b7137f215feaebdedab | Triage

Sharing

General

Target

d90f0a913f11c8594ebfd4dd2545a5e4476b702cb3fe1b7137f215feaebdedab
Size

169KB
Sample

221004-e91zhacee3
MD5

4d156825e586c53438bc029c33ba38b0
SHA1

c7016b743b8f7ec91f4b50da914dbd4e5b262799
SHA256

d90f0a913f11c8594ebfd4dd2545a5e4476b702cb3fe1b7137f215feaebdedab
SHA512

c10fa9678d4966698756577b493a4d72809b14049d42902d26f162936e673e4b30b2bcfbcd57a4310f7dfab2c5f0219c4eb2edc3f6868928a81caef9ea15de4a
SSDEEP

3072:uwX8+bXIIpWxwNspeHXjYXPFoetZEWuKznT8Ny8UXCgQ:v8+bXIQcskNoeXMgnn7

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  d90f0a913f11c8594ebfd4dd2545a5e4476b702cb3fe1b7137f215feaebdedab
- Size
  
  169KB
- MD5
  
  4d156825e586c53438bc029c33ba38b0
- SHA1
  
  c7016b743b8f7ec91f4b50da914dbd4e5b262799
- SHA256
  
  d90f0a913f11c8594ebfd4dd2545a5e4476b702cb3fe1b7137f215feaebdedab
- SHA512
  
  c10fa9678d4966698756577b493a4d72809b14049d42902d26f162936e673e4b30b2bcfbcd57a4310f7dfab2c5f0219c4eb2edc3f6868928a81caef9ea15de4a
- SSDEEP
  
  3072:uwX8+bXIIpWxwNspeHXjYXPFoetZEWuKznT8Ny8UXCgQ:v8+bXIQcskNoeXMgnn7
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing