79be2b2a52eb4d781bbef48486696c5889b33d477f5e257c34a470fe3a156346 | Triage

Sharing

General

Target

79be2b2a52eb4d781bbef48486696c5889b33d477f5e257c34a470fe3a156346
Size

80KB
Sample

221126-c4117sae6s
MD5

8b795edbdfa0dbfdeb08fbd139939ef0
SHA1

0e14c82ef2c1b4a1c5b66411a5fe4bf5d44a880a
SHA256

79be2b2a52eb4d781bbef48486696c5889b33d477f5e257c34a470fe3a156346
SHA512

073b9768c6a13b12fadb7c900c305e2ffef486b75f9d1b78adf489ba64a2a6d58a46e99dfdfebc783d1d36a8a4ffd04ba4f47c2ed200bccd05fcaebaed76fd84
SSDEEP

1536:JI/F3n8jZoEe6eyA/6NiDGqFoeU3wWVHxKs/AI4KtuVLUSFN:JIBK2DGqNUTss/AtYuVLUEN

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  79be2b2a52eb4d781bbef48486696c5889b33d477f5e257c34a470fe3a156346
- Size
  
  80KB
- MD5
  
  8b795edbdfa0dbfdeb08fbd139939ef0
- SHA1
  
  0e14c82ef2c1b4a1c5b66411a5fe4bf5d44a880a
- SHA256
  
  79be2b2a52eb4d781bbef48486696c5889b33d477f5e257c34a470fe3a156346
- SHA512
  
  073b9768c6a13b12fadb7c900c305e2ffef486b75f9d1b78adf489ba64a2a6d58a46e99dfdfebc783d1d36a8a4ffd04ba4f47c2ed200bccd05fcaebaed76fd84
- SSDEEP
  
  1536:JI/F3n8jZoEe6eyA/6NiDGqFoeU3wWVHxKs/AI4KtuVLUSFN:JIBK2DGqNUTss/AtYuVLUEN
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing