9cb80589c5fbb93a3051bbfe5e6f1f490b898c6deb42de70db98d34c66e3ec06 | Triage

Sharing

General

Target

9cb80589c5fbb93a3051bbfe5e6f1f490b898c6deb42de70db98d34c66e3ec06
Size

60KB
Sample

221127-stsvvacb3z
MD5

6dc7a60f0aa0f4017003a6db225d2abb
SHA1

c133aec0a8e61e9a48a45a0f0e827e891de5c2e0
SHA256

9cb80589c5fbb93a3051bbfe5e6f1f490b898c6deb42de70db98d34c66e3ec06
SHA512

dc5439890814edc7c99380f63df8e996e7f1097f32ef65eb7c8c74896c237273547aff70e628e5447792ddfcf69075ff4493442aa7a7b35f2f726c58043cf2df
SSDEEP

1536:ry9Rr0HkX1xKQjuia5sHdH/zGJdwfIr3Z:Pk1xKKuiaqHdlfIrp

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  9cb80589c5fbb93a3051bbfe5e6f1f490b898c6deb42de70db98d34c66e3ec06
- Size
  
  60KB
- MD5
  
  6dc7a60f0aa0f4017003a6db225d2abb
- SHA1
  
  c133aec0a8e61e9a48a45a0f0e827e891de5c2e0
- SHA256
  
  9cb80589c5fbb93a3051bbfe5e6f1f490b898c6deb42de70db98d34c66e3ec06
- SHA512
  
  dc5439890814edc7c99380f63df8e996e7f1097f32ef65eb7c8c74896c237273547aff70e628e5447792ddfcf69075ff4493442aa7a7b35f2f726c58043cf2df
- SSDEEP
  
  1536:ry9Rr0HkX1xKQjuia5sHdH/zGJdwfIr3Z:Pk1xKKuiaqHdlfIrp
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing