4847bd33b9e09ddf739d5dcf92ec2fa711df257794ec312c7fec5f159e9807d1 | Triage

Sharing

General

Target

4847bd33b9e09ddf739d5dcf92ec2fa711df257794ec312c7fec5f159e9807d1
Size

718KB
Sample

221126-2vs2nseg3s
MD5

d7c4b09634b20262a72113918a833c23
SHA1

e2c402fc13065407fa4b378e09f1d66e47ecc70f
SHA256

4847bd33b9e09ddf739d5dcf92ec2fa711df257794ec312c7fec5f159e9807d1
SHA512

388e564bd9ae2ed404ee845428aff9a27663010bcd2727e857e5312eb93ec51ddb092af634912d649289b50eb3e5554ee9a35c175152f875f20c29b007ef409e
SSDEEP

12288:OPOAkxuwAGhN0nNlwDDn9VCYl9o+XjXCBF8RbTA:wOd8wAGioxVC89osyIZTA

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  4847bd33b9e09ddf739d5dcf92ec2fa711df257794ec312c7fec5f159e9807d1
- Size
  
  718KB
- MD5
  
  d7c4b09634b20262a72113918a833c23
- SHA1
  
  e2c402fc13065407fa4b378e09f1d66e47ecc70f
- SHA256
  
  4847bd33b9e09ddf739d5dcf92ec2fa711df257794ec312c7fec5f159e9807d1
- SHA512
  
  388e564bd9ae2ed404ee845428aff9a27663010bcd2727e857e5312eb93ec51ddb092af634912d649289b50eb3e5554ee9a35c175152f875f20c29b007ef409e
- SSDEEP
  
  12288:OPOAkxuwAGhN0nNlwDDn9VCYl9o+XjXCBF8RbTA:wOd8wAGioxVC89osyIZTA
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing