72239bda6fba5427731c134e7a821b0b37b8897112eeb75d6a5228c957b52773 | Triage

Sharing

General

Target

72239bda6fba5427731c134e7a821b0b37b8897112eeb75d6a5228c957b52773
Size

60KB
Sample

221121-k37rcsce84
MD5

168af7e873f93ae68ac49307c32b1110
SHA1

13df802fd7893670a63bc5d70d91cf5e1c095a4a
SHA256

72239bda6fba5427731c134e7a821b0b37b8897112eeb75d6a5228c957b52773
SHA512

ddb825355a4383481c31ae102a4031685a7bc56ed6db38a6eaec308c672c0fe1d0df1e181646219b76a331d31be34b4e86d0d27f635a7695ac267a5716833ac9
SSDEEP

1536:TKotzMHlEOvdGLJbI7jezy2FhNUKjZJLs8j9:TKoZMHaOvdAJU7jX2FfUSq8

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  72239bda6fba5427731c134e7a821b0b37b8897112eeb75d6a5228c957b52773
- Size
  
  60KB
- MD5
  
  168af7e873f93ae68ac49307c32b1110
- SHA1
  
  13df802fd7893670a63bc5d70d91cf5e1c095a4a
- SHA256
  
  72239bda6fba5427731c134e7a821b0b37b8897112eeb75d6a5228c957b52773
- SHA512
  
  ddb825355a4383481c31ae102a4031685a7bc56ed6db38a6eaec308c672c0fe1d0df1e181646219b76a331d31be34b4e86d0d27f635a7695ac267a5716833ac9
- SSDEEP
  
  1536:TKotzMHlEOvdGLJbI7jezy2FhNUKjZJLs8j9:TKoZMHaOvdAJU7jX2FfUSq8
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing