8bc594b4627a591445fab10f05d09e8d4fec4a99ceca55c27dd6945462a34c7f | Triage

Sharing

General

Target

8bc594b4627a591445fab10f05d09e8d4fec4a99ceca55c27dd6945462a34c7f
Size

30KB
Sample

221120-l9akwacd5w
MD5

1c05900513bb1a0bb7f25b7a49a7cd80
SHA1

b7aec49233bd4271fd3395daefa29507b16a5039
SHA256

8bc594b4627a591445fab10f05d09e8d4fec4a99ceca55c27dd6945462a34c7f
SHA512

b4831618367756df780ccb060cfbe1e17528a53edd2e5e3bf14617cbc2ef057c8e41246a9230e6b0e971bf69ce4e66e85282723cdee2b094b9299830d716a52b
SSDEEP

384:RoHUrot3b5tbqMHLueg6ihJSxUCR1rgCPKabK2t0X5P7DZ+LMX4xWBZWIAZQ0xgr:RMmot32MHTFRJ+XJNAZrxoaEeNFkB

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  8bc594b4627a591445fab10f05d09e8d4fec4a99ceca55c27dd6945462a34c7f
- Size
  
  30KB
- MD5
  
  1c05900513bb1a0bb7f25b7a49a7cd80
- SHA1
  
  b7aec49233bd4271fd3395daefa29507b16a5039
- SHA256
  
  8bc594b4627a591445fab10f05d09e8d4fec4a99ceca55c27dd6945462a34c7f
- SHA512
  
  b4831618367756df780ccb060cfbe1e17528a53edd2e5e3bf14617cbc2ef057c8e41246a9230e6b0e971bf69ce4e66e85282723cdee2b094b9299830d716a52b
- SSDEEP
  
  384:RoHUrot3b5tbqMHLueg6ihJSxUCR1rgCPKabK2t0X5P7DZ+LMX4xWBZWIAZQ0xgr:RMmot32MHTFRJ+XJNAZrxoaEeNFkB
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing