8dea051a17291a78ed12c5724653c6ea38ba958054e4a77c6aba5c0e9f2d6b22 | Triage

Sharing

General

Target

8dea051a17291a78ed12c5724653c6ea38ba958054e4a77c6aba5c0e9f2d6b22
Size

248KB
Sample

221123-xqwjsaag2v
MD5

154b033125819fc2a997cecb968f9b2b
SHA1

9bd4eb62deb8d692278636669e2d7546219d89b0
SHA256

8dea051a17291a78ed12c5724653c6ea38ba958054e4a77c6aba5c0e9f2d6b22
SHA512

47e8b1d8f2ae24bd64346dc40fdfeb88a048d24dd921eb8343d1787fe9ad1ae937cc61f499122b8cc6f7cbc6ea3bfaa73629ebd40f8e52ea55b66b92f1c5708a
SSDEEP

6144:46UD6PU1D8rzsIvrySGaRPu+ySOmioLDCY0yGsdekxVgbioo:4PsU1D8rzsIvrySGaRPuaioiYvGsd0io

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  8dea051a17291a78ed12c5724653c6ea38ba958054e4a77c6aba5c0e9f2d6b22
- Size
  
  248KB
- MD5
  
  154b033125819fc2a997cecb968f9b2b
- SHA1
  
  9bd4eb62deb8d692278636669e2d7546219d89b0
- SHA256
  
  8dea051a17291a78ed12c5724653c6ea38ba958054e4a77c6aba5c0e9f2d6b22
- SHA512
  
  47e8b1d8f2ae24bd64346dc40fdfeb88a048d24dd921eb8343d1787fe9ad1ae937cc61f499122b8cc6f7cbc6ea3bfaa73629ebd40f8e52ea55b66b92f1c5708a
- SSDEEP
  
  6144:46UD6PU1D8rzsIvrySGaRPu+ySOmioLDCY0yGsdekxVgbioo:4PsU1D8rzsIvrySGaRPuaioiYvGsd0io
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing