64c7cb46fa78a80ede6d9978e53ecc9a8ec48c45143749eb537c0585a470388b | Triage

Sharing

General

Target

64c7cb46fa78a80ede6d9978e53ecc9a8ec48c45143749eb537c0585a470388b
Size

152KB
Sample

221129-tpn7jagh7y
MD5

252bdb6bd6e4842d3c12b5d71a6aefc9
SHA1

822a8bcbab02c43418739de24d9993233d40c9e3
SHA256

64c7cb46fa78a80ede6d9978e53ecc9a8ec48c45143749eb537c0585a470388b
SHA512

d783daff628a4b2e33764841f7896d44cd4296d85a65a1e7366d933868c7d57adbddf276a47dc1e7f0702858f6ee3cf54f9480e6fcccf1860ae2a515435626d9
SSDEEP

1536:XicsbRHonlDhBBLMHlzSBYGXJ4lKLBcEpC8o3RDrG8vy7l5uF+590hrGoTghAe/A:XfsVIllB9MFzSBV4lwFM3lGEguUeS0sA

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  64c7cb46fa78a80ede6d9978e53ecc9a8ec48c45143749eb537c0585a470388b
- Size
  
  152KB
- MD5
  
  252bdb6bd6e4842d3c12b5d71a6aefc9
- SHA1
  
  822a8bcbab02c43418739de24d9993233d40c9e3
- SHA256
  
  64c7cb46fa78a80ede6d9978e53ecc9a8ec48c45143749eb537c0585a470388b
- SHA512
  
  d783daff628a4b2e33764841f7896d44cd4296d85a65a1e7366d933868c7d57adbddf276a47dc1e7f0702858f6ee3cf54f9480e6fcccf1860ae2a515435626d9
- SSDEEP
  
  1536:XicsbRHonlDhBBLMHlzSBYGXJ4lKLBcEpC8o3RDrG8vy7l5uF+590hrGoTghAe/A:XfsVIllB9MFzSBV4lwFM3lGEguUeS0sA
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing