b114167cfcc6c5bf57b75d69def57b9afa6a50e222200e9a4fff53b220f0ed9f | Triage

Submit
Reports

Overview

overview

8

Static

static

8

b114167cfc...9f.exe

windows7-x64

8

b114167cfc...9f.exe

windows10-2004-x64

8

Sharing

General

Target

b114167cfcc6c5bf57b75d69def57b9afa6a50e222200e9a4fff53b220f0ed9f
Size

952KB
Sample

221127-dbn2lshc6y
MD5

b85d090ef51feabc04de1d9058262d94
SHA1

478f1cf250086261dfcf0ba89b4f3965e2559d15
SHA256

b114167cfcc6c5bf57b75d69def57b9afa6a50e222200e9a4fff53b220f0ed9f
SHA512

96d555b6199ec5c68418ac2e45063a80912f287e70a5ae61c46134d914f2004fd006499a824e223d7a1a6e4650b4c2b34a1328ff4fbcf8fc0bb7721cf769403d
SSDEEP

12288:oyELQDEI04EAihYHfX9c3pW0MIVABegEe:9ELQpYYc3pW0P6Be/

Score

8^/10

microsoft persistence phishing upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b114167cfcc6c5bf57b75d69def57b9afa6a50e222200e9a4fff53b220f0ed9f.exe

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

b114167cfcc6c5bf57b75d69def57b9afa6a50e222200e9a4fff53b220f0ed9f.exe

Resource

win10v2004-20220901-en

microsoft persistence phishing upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  b114167cfcc6c5bf57b75d69def57b9afa6a50e222200e9a4fff53b220f0ed9f
- Size
  
  952KB
- MD5
  
  b85d090ef51feabc04de1d9058262d94
- SHA1
  
  478f1cf250086261dfcf0ba89b4f3965e2559d15
- SHA256
  
  b114167cfcc6c5bf57b75d69def57b9afa6a50e222200e9a4fff53b220f0ed9f
- SHA512
  
  96d555b6199ec5c68418ac2e45063a80912f287e70a5ae61c46134d914f2004fd006499a824e223d7a1a6e4650b4c2b34a1328ff4fbcf8fc0bb7721cf769403d
- SSDEEP
  
  12288:oyELQDEI04EAihYHfX9c3pW0MIVABegEe:9ELQpYYc3pW0P6Be/
Score

8^/10

upx microsoft persistence phishing
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishingupx

© 2018-2024

Terms | Privacy