Overview

overview

6

Static

static

78f4f21126...29.exe

windows7-x64

5

78f4f21126...29.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    78f4f21126072e959bbe9876cee1bc17100703a62304954d01c2e16dd9956729

  • Size

    104KB

  • Sample

    221129-t8n1waff73

  • MD5

    262501d948eb900c269e4888d0d416f7

  • SHA1

    25f87d16ce571588a9171b0d0f6b6d80014c2cde

  • SHA256

    78f4f21126072e959bbe9876cee1bc17100703a62304954d01c2e16dd9956729

  • SHA512

    113b8599391080c544730a7ace3258dc5f7f9d9c0bdda9c110843e1fa0a97e8dfd9511827b3e638d3dd4e6204830a15874866864376914092657faf741b1efcb

  • SSDEEP

    1536:lP7LRKwGuF6Cp7/LPLrVcwZxFsEBv2cfRPexCCUy1FCs:Fo7CZ/bLTFsOvLRYgyfCs

Score
6/10
microsoftpersistencephishing

Malware Config

Targets

    • Target

      78f4f21126072e959bbe9876cee1bc17100703a62304954d01c2e16dd9956729

    • Size

      104KB

    • MD5

      262501d948eb900c269e4888d0d416f7

    • SHA1

      25f87d16ce571588a9171b0d0f6b6d80014c2cde

    • SHA256

      78f4f21126072e959bbe9876cee1bc17100703a62304954d01c2e16dd9956729

    • SHA512

      113b8599391080c544730a7ace3258dc5f7f9d9c0bdda9c110843e1fa0a97e8dfd9511827b3e638d3dd4e6204830a15874866864376914092657faf741b1efcb

    • SSDEEP

      1536:lP7LRKwGuF6Cp7/LPLrVcwZxFsEBv2cfRPexCCUy1FCs:Fo7CZ/bLTFsOvLRYgyfCs

    Score
    6/10
    microsoftpersistencephishing

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks