766c0715880cc73293b414a5d6d35fb7ae0ce2eca38da5048ffa162b60aa9c9d | Triage

Sharing

General

Target

766c0715880cc73293b414a5d6d35fb7ae0ce2eca38da5048ffa162b60aa9c9d
Size

120KB
Sample

221130-endl3shg9w
MD5

3186a19f8e719bde98c2163a213f46c6
SHA1

4a486c07e3d950d6e36228b4e6a4e8d7ce5c289c
SHA256

766c0715880cc73293b414a5d6d35fb7ae0ce2eca38da5048ffa162b60aa9c9d
SHA512

5cbc343ddd1097df12d1e408f057bdd26091bb21077d89aaf2227a747b9aed1bee10d663711c39e0109fb712d8644af5d42dcfcce6fe794cfa2eada7673d9abd
SSDEEP

1536:5/r0lzPp5EQZ1BS4jgXWK6BFpu5wbEGF5/5fpxpuZUtLjzE7rQxNtQ/edNifSwK:ep55lx5fpmitLM7rQxNzd0fST

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  766c0715880cc73293b414a5d6d35fb7ae0ce2eca38da5048ffa162b60aa9c9d
- Size
  
  120KB
- MD5
  
  3186a19f8e719bde98c2163a213f46c6
- SHA1
  
  4a486c07e3d950d6e36228b4e6a4e8d7ce5c289c
- SHA256
  
  766c0715880cc73293b414a5d6d35fb7ae0ce2eca38da5048ffa162b60aa9c9d
- SHA512
  
  5cbc343ddd1097df12d1e408f057bdd26091bb21077d89aaf2227a747b9aed1bee10d663711c39e0109fb712d8644af5d42dcfcce6fe794cfa2eada7673d9abd
- SSDEEP
  
  1536:5/r0lzPp5EQZ1BS4jgXWK6BFpu5wbEGF5/5fpxpuZUtLjzE7rQxNtQ/edNifSwK:ep55lx5fpmitLM7rQxNzd0fST
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing