231c528dd2d2213c92cacb16593a4a31a7a0f246e013465e9f9e8975f192f7de | Triage

Submit
Reports

Overview

overview

6

Static

static

5

231c528dd2...de.exe

windows7-x64

6

231c528dd2...de.exe

windows10-2004-x64

6

Sharing

General

Target

231c528dd2d2213c92cacb16593a4a31a7a0f246e013465e9f9e8975f192f7de
Size

965KB
Sample

221126-1n4zxsgb24
MD5

1e18c444e928321b6b7d90b23bc52d81
SHA1

64db2a5b20169f82a16879c4c17f3faa12ea99d9
SHA256

231c528dd2d2213c92cacb16593a4a31a7a0f246e013465e9f9e8975f192f7de
SHA512

259463793c1b4c6f2af705a0ad2c9294799e914b065cbd24b60e3df35d51b383d2341b6f236c24015301bd35a8fbed2f1b8a48e688079486a0a1ddd2497e3b7f
SSDEEP

12288:ltb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgakT9/C1zBb6A:ltb20pkaCqT5TBWgNQ7aE9/yzBb6A

Score

6^/10

microsoft persistence phishing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

231c528dd2d2213c92cacb16593a4a31a7a0f246e013465e9f9e8975f192f7de.exe

Resource

win7-20220812-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

231c528dd2d2213c92cacb16593a4a31a7a0f246e013465e9f9e8975f192f7de.exe

Resource

win10v2004-20220812-en

microsoft persistence phishing

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  231c528dd2d2213c92cacb16593a4a31a7a0f246e013465e9f9e8975f192f7de
- Size
  
  965KB
- MD5
  
  1e18c444e928321b6b7d90b23bc52d81
- SHA1
  
  64db2a5b20169f82a16879c4c17f3faa12ea99d9
- SHA256
  
  231c528dd2d2213c92cacb16593a4a31a7a0f246e013465e9f9e8975f192f7de
- SHA512
  
  259463793c1b4c6f2af705a0ad2c9294799e914b065cbd24b60e3df35d51b383d2341b6f236c24015301bd35a8fbed2f1b8a48e688079486a0a1ddd2497e3b7f
- SSDEEP
  
  12288:ltb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgakT9/C1zBb6A:ltb20pkaCqT5TBWgNQ7aE9/yzBb6A
Score

6^/10

persistence microsoft phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy