2f073a03cc3547110c798d1502e919bc0538ac479d1649ce939d9b7884a93dc3 | Triage

Sharing

General

Target

2f073a03cc3547110c798d1502e919bc0538ac479d1649ce939d9b7884a93dc3
Size

45KB
Sample

221129-xax3nshe9v
MD5

257cd6941d918f437fed9130d74183b0
SHA1

db02e040b9763ae3b9de59b9b472402444adb7f6
SHA256

2f073a03cc3547110c798d1502e919bc0538ac479d1649ce939d9b7884a93dc3
SHA512

637107796901b92b31b6ddd24e9c59af0e181ab05a23c651a7d89d621960d6ef8fe2efb68a7afcafec006c5e8f0ee807611142440262ebd2d9c7f5df11e2a285
SSDEEP

768:vOmhX8+bCZ5S8Ee74rK9GTa2QL5c1m6HkjHf4qvtO1p/Ir1Hs7NU4oWHCCjPkasC:DGGb93sX66M7dHCCrk

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  2f073a03cc3547110c798d1502e919bc0538ac479d1649ce939d9b7884a93dc3
- Size
  
  45KB
- MD5
  
  257cd6941d918f437fed9130d74183b0
- SHA1
  
  db02e040b9763ae3b9de59b9b472402444adb7f6
- SHA256
  
  2f073a03cc3547110c798d1502e919bc0538ac479d1649ce939d9b7884a93dc3
- SHA512
  
  637107796901b92b31b6ddd24e9c59af0e181ab05a23c651a7d89d621960d6ef8fe2efb68a7afcafec006c5e8f0ee807611142440262ebd2d9c7f5df11e2a285
- SSDEEP
  
  768:vOmhX8+bCZ5S8Ee74rK9GTa2QL5c1m6HkjHf4qvtO1p/Ir1Hs7NU4oWHCCjPkasC:DGGb93sX66M7dHCCrk
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing