9c73223bf563adad6c8c60ceaf8b64163f9ee40f6b7ea8b3a538eb7aedafd737 | Triage

Sharing

General

Target

9c73223bf563adad6c8c60ceaf8b64163f9ee40f6b7ea8b3a538eb7aedafd737
Size

56KB
Sample

221129-xxz6jsgf49
MD5

297e613a1ad7d7fe63bd6c0068374d1f
SHA1

bb58f6fd50f70b92df9dea6847e405c2150aa437
SHA256

9c73223bf563adad6c8c60ceaf8b64163f9ee40f6b7ea8b3a538eb7aedafd737
SHA512

613cd803583eae0e8237aae3872bc33721fea839c34d71f32dfb80d418e166c9be7a43c0c98d631082f27c69228d824e9364e7ba87c8e1f54a11f438e75b5e13
SSDEEP

768:UNcI6utFCxocBgRu3xaaz0/n+9yvmRyHd6vFqf49:UNcI6utFCxoRuoagG9yvm2d6vFa6

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  9c73223bf563adad6c8c60ceaf8b64163f9ee40f6b7ea8b3a538eb7aedafd737
- Size
  
  56KB
- MD5
  
  297e613a1ad7d7fe63bd6c0068374d1f
- SHA1
  
  bb58f6fd50f70b92df9dea6847e405c2150aa437
- SHA256
  
  9c73223bf563adad6c8c60ceaf8b64163f9ee40f6b7ea8b3a538eb7aedafd737
- SHA512
  
  613cd803583eae0e8237aae3872bc33721fea839c34d71f32dfb80d418e166c9be7a43c0c98d631082f27c69228d824e9364e7ba87c8e1f54a11f438e75b5e13
- SSDEEP
  
  768:UNcI6utFCxocBgRu3xaaz0/n+9yvmRyHd6vFqf49:UNcI6utFCxoRuoagG9yvm2d6vFa6
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing