Overview

overview

6

Static

static

70e398724d...e1.exe

windows7-x64

6

70e398724d...e1.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    70e398724dd582c31adb2bc107e47ea13dafa40917cf031d00e029f8444794e1

  • Size

    431KB

  • Sample

    221130-bt8smaad3s

  • MD5

    4ba2a6b084531f18618e9dcf0c0167a7

  • SHA1

    26034520747748d89c525ecb2b0ff8133a19524b

  • SHA256

    70e398724dd582c31adb2bc107e47ea13dafa40917cf031d00e029f8444794e1

  • SHA512

    1332b5e06cc0c3c5d6734a7c3dd8e138b168145ab1ac091e996d6cbd8174130a6aaa5d4ea7a460cbfe9afaf3d6af9001ec03615caf42586997937a476d5f9064

  • SSDEEP

    6144:BcotZ5JXEufZNOwQj2HgBAf/bflYBMiFWMF8P05V5rSdZS/bq:Bc+zJUuxNHQCHgu/bfniFnqPoVSQ/b

Score
6/10
microsoftpersistencephishing

Malware Config

Targets

    • Target

      70e398724dd582c31adb2bc107e47ea13dafa40917cf031d00e029f8444794e1

    • Size

      431KB

    • MD5

      4ba2a6b084531f18618e9dcf0c0167a7

    • SHA1

      26034520747748d89c525ecb2b0ff8133a19524b

    • SHA256

      70e398724dd582c31adb2bc107e47ea13dafa40917cf031d00e029f8444794e1

    • SHA512

      1332b5e06cc0c3c5d6734a7c3dd8e138b168145ab1ac091e996d6cbd8174130a6aaa5d4ea7a460cbfe9afaf3d6af9001ec03615caf42586997937a476d5f9064

    • SSDEEP

      6144:BcotZ5JXEufZNOwQj2HgBAf/bflYBMiFWMF8P05V5rSdZS/bq:Bc+zJUuxNHQCHgu/bfniFnqPoVSQ/b

    Score
    6/10
    persistencemicrosoftphishing

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks