013250e9f2c5bd41ae133a9215a03336c7febb03f09748aa3b9498cfa0e0cee9 | Triage

Sharing

General

Target

013250e9f2c5bd41ae133a9215a03336c7febb03f09748aa3b9498cfa0e0cee9
Size

181KB
Sample

221127-bpq21sdd9z
MD5

815b3014243afce76085620a8a6541ca
SHA1

8a03e583d051287bd93a706e949725c9ddb728f2
SHA256

013250e9f2c5bd41ae133a9215a03336c7febb03f09748aa3b9498cfa0e0cee9
SHA512

2d48fdc99d07464aebccd554499289c43d2d62949bcab4f4d11562d9918767209d7dd15eba2753ede36b73a4b8fa4234df0cf600c3f6f83d1c8d7b7e7809a906
SSDEEP

3072:xeZK2uAFOLKCK9jc6/f5aFMNPdhMLBQ18QPsH7eGGE/ax:x6SPKpV/fAFMNAqONH7e3qU

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  013250e9f2c5bd41ae133a9215a03336c7febb03f09748aa3b9498cfa0e0cee9
- Size
  
  181KB
- MD5
  
  815b3014243afce76085620a8a6541ca
- SHA1
  
  8a03e583d051287bd93a706e949725c9ddb728f2
- SHA256
  
  013250e9f2c5bd41ae133a9215a03336c7febb03f09748aa3b9498cfa0e0cee9
- SHA512
  
  2d48fdc99d07464aebccd554499289c43d2d62949bcab4f4d11562d9918767209d7dd15eba2753ede36b73a4b8fa4234df0cf600c3f6f83d1c8d7b7e7809a906
- SSDEEP
  
  3072:xeZK2uAFOLKCK9jc6/f5aFMNPdhMLBQ18QPsH7eGGE/ax:x6SPKpV/fAFMNAqONH7e3qU
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing