d033605f67f88ae63698704b6952598620cdc7804b660b934915c63b3a29fb6d | Triage

Sharing

General

Target

d033605f67f88ae63698704b6952598620cdc7804b660b934915c63b3a29fb6d
Size

172KB
Sample

221128-tqpjpagb57
MD5

50486822c6f8804a2bf0bc548fcfee37
SHA1

201b6d91609c1b4f0bc98679e2ae5bebe6005e82
SHA256

d033605f67f88ae63698704b6952598620cdc7804b660b934915c63b3a29fb6d
SHA512

b28d56c3ea6bc78eb07f60c25a54b0e5794bc9816af2446ebfd85e9c3dc9b351f7eb107478c688e55e68bb8de035703a909729c2037bfa6312d070e91cbb5746
SSDEEP

3072:FrMDaZX4XVj/DLcQdu18w3cCZyvxJePk3lSsKbn7zR0ex5OBZk:Fb4XyQI1RcCMviglCj3R0eP

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  d033605f67f88ae63698704b6952598620cdc7804b660b934915c63b3a29fb6d
- Size
  
  172KB
- MD5
  
  50486822c6f8804a2bf0bc548fcfee37
- SHA1
  
  201b6d91609c1b4f0bc98679e2ae5bebe6005e82
- SHA256
  
  d033605f67f88ae63698704b6952598620cdc7804b660b934915c63b3a29fb6d
- SHA512
  
  b28d56c3ea6bc78eb07f60c25a54b0e5794bc9816af2446ebfd85e9c3dc9b351f7eb107478c688e55e68bb8de035703a909729c2037bfa6312d070e91cbb5746
- SSDEEP
  
  3072:FrMDaZX4XVj/DLcQdu18w3cCZyvxJePk3lSsKbn7zR0ex5OBZk:Fb4XyQI1RcCMviglCj3R0eP
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing