e2500c7512dcc0aaf72ebf9cb510ceaa480ccf9b705d331bead5ae88f9ab3265 | Triage

Sharing

General

Target

e2500c7512dcc0aaf72ebf9cb510ceaa480ccf9b705d331bead5ae88f9ab3265
Size

100KB
Sample

221124-ey5hjsgg93
MD5

dc4e91ee2856f14c9c9120c6196ed684
SHA1

3b3f6560d18f7aa628a97b31537354008783f2da
SHA256

e2500c7512dcc0aaf72ebf9cb510ceaa480ccf9b705d331bead5ae88f9ab3265
SHA512

f186584cec86bfb46f1d901f1efca8c7f0c1cda9ca277ce2969191210afd3cf26aa299b2b7ea15938cc0f8b798a3af80dd6e960c29934d0427b31b6f00ddec70
SSDEEP

3072:bV/bQmtuADFeIHaVNgdMg35h2NNSCilU1rxIr+:OaFeMaV9ddwIrxIr

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  e2500c7512dcc0aaf72ebf9cb510ceaa480ccf9b705d331bead5ae88f9ab3265
- Size
  
  100KB
- MD5
  
  dc4e91ee2856f14c9c9120c6196ed684
- SHA1
  
  3b3f6560d18f7aa628a97b31537354008783f2da
- SHA256
  
  e2500c7512dcc0aaf72ebf9cb510ceaa480ccf9b705d331bead5ae88f9ab3265
- SHA512
  
  f186584cec86bfb46f1d901f1efca8c7f0c1cda9ca277ce2969191210afd3cf26aa299b2b7ea15938cc0f8b798a3af80dd6e960c29934d0427b31b6f00ddec70
- SSDEEP
  
  3072:bV/bQmtuADFeIHaVNgdMg35h2NNSCilU1rxIr+:OaFeMaV9ddwIrxIr
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing