980a4c5fcf90fadef4d09f195a7e1aad611dd5efbb2fbff5273bd234321cbcde | Triage

Sharing

General

Target

980a4c5fcf90fadef4d09f195a7e1aad611dd5efbb2fbff5273bd234321cbcde
Size

790KB
Sample

221129-eh8j9sch49
MD5

2ef7792b210e25daf86ce4846a1ebeb3
SHA1

18a8205c446665f36e93fefad590ee73b54bd106
SHA256

980a4c5fcf90fadef4d09f195a7e1aad611dd5efbb2fbff5273bd234321cbcde
SHA512

0157a51c60c32ba83729bf0224a07c69c52833d3f944e8a77822de50e88133deaf0ee42a50175ff3fa84c45d27e9e318edd77d63ee2443eb929c1e26a78ae4f6
SSDEEP

12288:lf2Y7tNy+uFEfX5UnhWlZuaEaniusQTMt5PRa9fwE/DxAKZ+ft7VpW7mg03iQUXr:HtNh6gCLpW+TYkSUP7S

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  980a4c5fcf90fadef4d09f195a7e1aad611dd5efbb2fbff5273bd234321cbcde
- Size
  
  790KB
- MD5
  
  2ef7792b210e25daf86ce4846a1ebeb3
- SHA1
  
  18a8205c446665f36e93fefad590ee73b54bd106
- SHA256
  
  980a4c5fcf90fadef4d09f195a7e1aad611dd5efbb2fbff5273bd234321cbcde
- SHA512
  
  0157a51c60c32ba83729bf0224a07c69c52833d3f944e8a77822de50e88133deaf0ee42a50175ff3fa84c45d27e9e318edd77d63ee2443eb929c1e26a78ae4f6
- SSDEEP
  
  12288:lf2Y7tNy+uFEfX5UnhWlZuaEaniusQTMt5PRa9fwE/DxAKZ+ft7VpW7mg03iQUXr:HtNh6gCLpW+TYkSUP7S
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing