84799114d3e2d4b2f9ad903c4cc3ff42a9908c60200575f8d2b357ca0facffa8 | Triage

Sharing

General

Target

84799114d3e2d4b2f9ad903c4cc3ff42a9908c60200575f8d2b357ca0facffa8
Size

68KB
Sample

221121-n78e8shd86
MD5

3b2cebb4bd1d2eb8b7dba94c85d9ed70
SHA1

476b327d0cfa3e8577c726027eed7cc5a776253f
SHA256

84799114d3e2d4b2f9ad903c4cc3ff42a9908c60200575f8d2b357ca0facffa8
SHA512

1f110cc927f4e7cc33284623717e532dc81c5d3de9dcafb33543e26b4a44f8f0a20a7d107d492922f91ae490efeda1641f906a2a2e3e6325e934b0dd0524d336
SSDEEP

1536:tFtYqrfZeXKvcLB7SY+A37feaCMJDmYsLIb4PvYqHB/AdGub:/fYlB7SDADeak7dJHB/AdGub

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  84799114d3e2d4b2f9ad903c4cc3ff42a9908c60200575f8d2b357ca0facffa8
- Size
  
  68KB
- MD5
  
  3b2cebb4bd1d2eb8b7dba94c85d9ed70
- SHA1
  
  476b327d0cfa3e8577c726027eed7cc5a776253f
- SHA256
  
  84799114d3e2d4b2f9ad903c4cc3ff42a9908c60200575f8d2b357ca0facffa8
- SHA512
  
  1f110cc927f4e7cc33284623717e532dc81c5d3de9dcafb33543e26b4a44f8f0a20a7d107d492922f91ae490efeda1641f906a2a2e3e6325e934b0dd0524d336
- SSDEEP
  
  1536:tFtYqrfZeXKvcLB7SY+A37feaCMJDmYsLIb4PvYqHB/AdGub:/fYlB7SDADeak7dJHB/AdGub
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing