3d5c58bcb104ecd270c198910bb9947f1b4887e7f340e9e934e44a5718cd2782 | Triage

Sharing

General

Target

3d5c58bcb104ecd270c198910bb9947f1b4887e7f340e9e934e44a5718cd2782
Size

455KB
Sample

221130-n7bq9shc35
MD5

577f83b8929cf480740a24d0a49e04b6
SHA1

05e1df85247cd84eecd2465932325015e37b26dd
SHA256

3d5c58bcb104ecd270c198910bb9947f1b4887e7f340e9e934e44a5718cd2782
SHA512

a6a6874e3ba5c825ab97ec266cee0b2366f85418057055a3367de7afb65105dfac277da3dcc298a37d8df3bfdc7551f27548bbfe85241b91fd82750f2a682052
SSDEEP

6144:FLHIWp/cH4GuKiHqbLZkH4GuKiHqbLZnEt:FbE2x

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  3d5c58bcb104ecd270c198910bb9947f1b4887e7f340e9e934e44a5718cd2782
- Size
  
  455KB
- MD5
  
  577f83b8929cf480740a24d0a49e04b6
- SHA1
  
  05e1df85247cd84eecd2465932325015e37b26dd
- SHA256
  
  3d5c58bcb104ecd270c198910bb9947f1b4887e7f340e9e934e44a5718cd2782
- SHA512
  
  a6a6874e3ba5c825ab97ec266cee0b2366f85418057055a3367de7afb65105dfac277da3dcc298a37d8df3bfdc7551f27548bbfe85241b91fd82750f2a682052
- SSDEEP
  
  6144:FLHIWp/cH4GuKiHqbLZkH4GuKiHqbLZnEt:FbE2x
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing