25b4c28e591c75a14d024e25e311789774dd22e431b1c9ce54524c619aeb0ffa | Triage

Sharing

General

Target

25b4c28e591c75a14d024e25e311789774dd22e431b1c9ce54524c619aeb0ffa
Size

540KB
Sample

221121-l322jseb35
MD5

402a41803e3aa78fb0f5884a267180d0
SHA1

e6b4d0bd659bf4cf29ad0b65355b21004dd7738f
SHA256

25b4c28e591c75a14d024e25e311789774dd22e431b1c9ce54524c619aeb0ffa
SHA512

9cd921817d84c8e330d780bfb40ca793f321757a9016abb3afc7ea04d35719a96162193fbe1daf33599b0302e70e5775140eb07939def52b3449272f754d076e
SSDEEP

6144:5VTxmEZRQqsK0xGStCt9E6oY/wrvZRQqsK0xGStC69E6oY/wr8lo9U80eLQ9XmeB:5XrTQBNikKw7TQBNLkKwGd80MeyFe

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  25b4c28e591c75a14d024e25e311789774dd22e431b1c9ce54524c619aeb0ffa
- Size
  
  540KB
- MD5
  
  402a41803e3aa78fb0f5884a267180d0
- SHA1
  
  e6b4d0bd659bf4cf29ad0b65355b21004dd7738f
- SHA256
  
  25b4c28e591c75a14d024e25e311789774dd22e431b1c9ce54524c619aeb0ffa
- SHA512
  
  9cd921817d84c8e330d780bfb40ca793f321757a9016abb3afc7ea04d35719a96162193fbe1daf33599b0302e70e5775140eb07939def52b3449272f754d076e
- SSDEEP
  
  6144:5VTxmEZRQqsK0xGStCt9E6oY/wrvZRQqsK0xGStC69E6oY/wr8lo9U80eLQ9XmeB:5XrTQBNikKw7TQBNLkKwGd80MeyFe
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing