4c745dc6b7dd140ab294d4c4952a63f6f7107bad8288eb58831874e6f63deb4d | Triage

Sharing

General

Target

4c745dc6b7dd140ab294d4c4952a63f6f7107bad8288eb58831874e6f63deb4d
Size

48KB
Sample

221121-jalsradb2y
MD5

29495ca0a611858c6d192ba2cee598a0
SHA1

49a2aac6fb9603fb6752be63ae19560ad168e857
SHA256

4c745dc6b7dd140ab294d4c4952a63f6f7107bad8288eb58831874e6f63deb4d
SHA512

f7655796934ee150e420b46d535268e9b7a8567512bb696ec7ac28a9e873e652b8e0548a264ab2f4dd689fae273763b845909a03f3786ce4844db3ef6a2e2781
SSDEEP

768:8mBAbngVqih5XQSl+FBYsJ4d5vm/ero9Kf945aIu5:8bnbaNMFBFc5To9Kfe5aI

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  4c745dc6b7dd140ab294d4c4952a63f6f7107bad8288eb58831874e6f63deb4d
- Size
  
  48KB
- MD5
  
  29495ca0a611858c6d192ba2cee598a0
- SHA1
  
  49a2aac6fb9603fb6752be63ae19560ad168e857
- SHA256
  
  4c745dc6b7dd140ab294d4c4952a63f6f7107bad8288eb58831874e6f63deb4d
- SHA512
  
  f7655796934ee150e420b46d535268e9b7a8567512bb696ec7ac28a9e873e652b8e0548a264ab2f4dd689fae273763b845909a03f3786ce4844db3ef6a2e2781
- SSDEEP
  
  768:8mBAbngVqih5XQSl+FBYsJ4d5vm/ero9Kf945aIu5:8bnbaNMFBFc5To9Kfe5aI
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing