7e6fe50fa5ebd2c2756daa1c43b81f553344fddd841e604d2392f74dfb550153 | Triage

Submit
Reports

Overview

overview

6

Static

static

7e6fe50fa5...53.exe

windows7-x64

5

7e6fe50fa5...53.exe

windows10-2004-x64

6

Sharing

General

Target

7e6fe50fa5ebd2c2756daa1c43b81f553344fddd841e604d2392f74dfb550153
Size

50KB
Sample

221130-j9sqcach64
MD5

3c25768310a2e6d8c98c4bb7da444ced
SHA1

fd87ffb3fc6a5bab35afbff5afcc38bc173366e0
SHA256

7e6fe50fa5ebd2c2756daa1c43b81f553344fddd841e604d2392f74dfb550153
SHA512

a8f1b7e80e10fff634de1e4ecb3ac7ac0b422bf08a89328f77b28c5d8e720865a6ae772491ee8b4f507d60307ec548727612e9539c06d4d8e9bffb913d50123a
SSDEEP

768:6uwihNqM9h/MdC/pqzRXWmpFtgjrUW+XyiNULxYJo:NqM9h/MdTppFy3UW1iNUqo

Score

6^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

7e6fe50fa5ebd2c2756daa1c43b81f553344fddd841e604d2392f74dfb550153.exe

Resource

win7-20221111-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

7e6fe50fa5ebd2c2756daa1c43b81f553344fddd841e604d2392f74dfb550153.exe

Resource

win10v2004-20220812-en

microsoft persistence phishing

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  7e6fe50fa5ebd2c2756daa1c43b81f553344fddd841e604d2392f74dfb550153
- Size
  
  50KB
- MD5
  
  3c25768310a2e6d8c98c4bb7da444ced
- SHA1
  
  fd87ffb3fc6a5bab35afbff5afcc38bc173366e0
- SHA256
  
  7e6fe50fa5ebd2c2756daa1c43b81f553344fddd841e604d2392f74dfb550153
- SHA512
  
  a8f1b7e80e10fff634de1e4ecb3ac7ac0b422bf08a89328f77b28c5d8e720865a6ae772491ee8b4f507d60307ec548727612e9539c06d4d8e9bffb913d50123a
- SSDEEP
  
  768:6uwihNqM9h/MdC/pqzRXWmpFtgjrUW+XyiNULxYJo:NqM9h/MdTppFy3UW1iNUqo
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy