c31201d58c125afdfabea3e0a17f937c1116e867bfa879b93f3f7957be463a23 | Triage

Sharing

General

Target

c31201d58c125afdfabea3e0a17f937c1116e867bfa879b93f3f7957be463a23
Size

40KB
Sample

221129-2sg7dshh81
MD5

08e9b0c3cc3406bfe975af62366d1d93
SHA1

4ed5026c02690515819d426f72bac8bdc3374679
SHA256

c31201d58c125afdfabea3e0a17f937c1116e867bfa879b93f3f7957be463a23
SHA512

ff16fa25983b53db5d74fa9a436a9e1108a4a8f8d15f2ab3fef0da05c9ec15538b5e043333a1e9ff6ba12dbb87c911f92a8d0a84b23338d322839046f8f852ac
SSDEEP

384:zQGRsbej2OuJdaOoDgsbMgoX84eywEpmFX9ldE1J9k4jbnjRXyhsiP:NFjpOegsb8X84vfSXqr5zjRChP

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  c31201d58c125afdfabea3e0a17f937c1116e867bfa879b93f3f7957be463a23
- Size
  
  40KB
- MD5
  
  08e9b0c3cc3406bfe975af62366d1d93
- SHA1
  
  4ed5026c02690515819d426f72bac8bdc3374679
- SHA256
  
  c31201d58c125afdfabea3e0a17f937c1116e867bfa879b93f3f7957be463a23
- SHA512
  
  ff16fa25983b53db5d74fa9a436a9e1108a4a8f8d15f2ab3fef0da05c9ec15538b5e043333a1e9ff6ba12dbb87c911f92a8d0a84b23338d322839046f8f852ac
- SSDEEP
  
  384:zQGRsbej2OuJdaOoDgsbMgoX84eywEpmFX9ldE1J9k4jbnjRXyhsiP:NFjpOegsb8X84vfSXqr5zjRChP
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing