a525c58de1f688bf7728bf5634ece31e6badd88e72b70610a19111707e53550c | Triage

Submit
Reports

Overview

overview

6

Static

static

a525c58de1...0c.exe

windows7-x64

3

a525c58de1...0c.exe

windows10-2004-x64

6

Sharing

General

Target

a525c58de1f688bf7728bf5634ece31e6badd88e72b70610a19111707e53550c
Size

3KB
Sample

221130-fr6mpsda6z
MD5

112f6d2da3baf954c3d67bd3cbec4f70
SHA1

84ac4289b705fd03feb526bb13a5f370081f661a
SHA256

a525c58de1f688bf7728bf5634ece31e6badd88e72b70610a19111707e53550c
SHA512

116c421e8c2bde77b7079d114df4a9927d190aee0e8095584a107e57c0ca6b562344e9093bc7c2db2c6fbcbd4b8829cf3327ea95b59ac5b9c68759405084bd15

Score

6^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

a525c58de1f688bf7728bf5634ece31e6badd88e72b70610a19111707e53550c.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a525c58de1f688bf7728bf5634ece31e6badd88e72b70610a19111707e53550c.exe

Resource

win10v2004-20220901-en

microsoft persistence phishing

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  a525c58de1f688bf7728bf5634ece31e6badd88e72b70610a19111707e53550c
- Size
  
  3KB
- MD5
  
  112f6d2da3baf954c3d67bd3cbec4f70
- SHA1
  
  84ac4289b705fd03feb526bb13a5f370081f661a
- SHA256
  
  a525c58de1f688bf7728bf5634ece31e6badd88e72b70610a19111707e53550c
- SHA512
  
  116c421e8c2bde77b7079d114df4a9927d190aee0e8095584a107e57c0ca6b562344e9093bc7c2db2c6fbcbd4b8829cf3327ea95b59ac5b9c68759405084bd15
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy