7887e60f290774bbae810ab003f17d10e93431ced630b80231eab1aed0d8d8b5 | Triage

Sharing

General

Target

7887e60f290774bbae810ab003f17d10e93431ced630b80231eab1aed0d8d8b5
Size

267KB
Sample

221126-c4brbaad9y
MD5

abf3a2e6371c638c2940ea387022df38
SHA1

a86278d192a9d43e4d7d42e9b78993c1792cda17
SHA256

7887e60f290774bbae810ab003f17d10e93431ced630b80231eab1aed0d8d8b5
SHA512

043b98ff0545e61802d7d816ed04c9e28b453eb8c8f1ae4034948bf594f160ad723293ff43844d5770046cca22fe1744c6832f0b7f79940b99ec5c7fa817d83f
SSDEEP

3072:k61dU6cPjx6dhCDstuBFTWpCjYNKzAdu4T29QzeP/oEUZvLrWTm5XPaZ9RnbUHIX:XBZES5/kAHIsrqhKshdBCqrNLMhW6k

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  7887e60f290774bbae810ab003f17d10e93431ced630b80231eab1aed0d8d8b5
- Size
  
  267KB
- MD5
  
  abf3a2e6371c638c2940ea387022df38
- SHA1
  
  a86278d192a9d43e4d7d42e9b78993c1792cda17
- SHA256
  
  7887e60f290774bbae810ab003f17d10e93431ced630b80231eab1aed0d8d8b5
- SHA512
  
  043b98ff0545e61802d7d816ed04c9e28b453eb8c8f1ae4034948bf594f160ad723293ff43844d5770046cca22fe1744c6832f0b7f79940b99ec5c7fa817d83f
- SSDEEP
  
  3072:k61dU6cPjx6dhCDstuBFTWpCjYNKzAdu4T29QzeP/oEUZvLrWTm5XPaZ9RnbUHIX:XBZES5/kAHIsrqhKshdBCqrNLMhW6k
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing