ccace411efb58b204e9b60392559d2f551c70dff8fe8253a0a9c6c2165815e30 | Triage

Sharing

General

Target

ccace411efb58b204e9b60392559d2f551c70dff8fe8253a0a9c6c2165815e30
Size

1.5MB
Sample

221121-n6djgahd26
MD5

2800c5b787aacf22a92daf9cb3901920
SHA1

21452b847035cc281812f26954ad362c76343763
SHA256

ccace411efb58b204e9b60392559d2f551c70dff8fe8253a0a9c6c2165815e30
SHA512

59cd73756b45e4d3c2c5f2a636a7b032392dbfec6ae18bb6c51c869fe9c110f17a119325da1cbb7859f03c7b49cc62857f8f334a129d064e293c94ae9dc07298
SSDEEP

3072:zZ+DFi3UYufoxeAuSAyxECWeIIBRAuSDADeak7dJHB/Ax:kFi3UYufoxxuSAy2eIIBRJSsQLH5Ax

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  ccace411efb58b204e9b60392559d2f551c70dff8fe8253a0a9c6c2165815e30
- Size
  
  1.5MB
- MD5
  
  2800c5b787aacf22a92daf9cb3901920
- SHA1
  
  21452b847035cc281812f26954ad362c76343763
- SHA256
  
  ccace411efb58b204e9b60392559d2f551c70dff8fe8253a0a9c6c2165815e30
- SHA512
  
  59cd73756b45e4d3c2c5f2a636a7b032392dbfec6ae18bb6c51c869fe9c110f17a119325da1cbb7859f03c7b49cc62857f8f334a129d064e293c94ae9dc07298
- SSDEEP
  
  3072:zZ+DFi3UYufoxeAuSAyxECWeIIBRAuSDADeak7dJHB/Ax:kFi3UYufoxxuSAy2eIIBRJSsQLH5Ax
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing