5fe17a027dd379c4a20d48aabe6af18d0d58f3992b46ab6dcf5c7883760ae190 | Triage

Sharing

General

Target

5fe17a027dd379c4a20d48aabe6af18d0d58f3992b46ab6dcf5c7883760ae190
Size

4.3MB
Sample

221130-n7c94ahc37
MD5

1388c4e00cdc674571022ee0125b74d4
SHA1

01c74cc41da2d42b8009a411f65b8a955e1c33a6
SHA256

5fe17a027dd379c4a20d48aabe6af18d0d58f3992b46ab6dcf5c7883760ae190
SHA512

96a00cd0767d9fcae62fb4ebb32d2268cfc064e308d0bf63ee95d22630858e77992e87cef3ec575f07118e4a9d342dbadec36336e29ae8f36bc7c313cb7ababd
SSDEEP

98304:3GM3UqA80068t67Cc+3+tBsgYtJPKSBk:3GM810tPc

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  5fe17a027dd379c4a20d48aabe6af18d0d58f3992b46ab6dcf5c7883760ae190
- Size
  
  4.3MB
- MD5
  
  1388c4e00cdc674571022ee0125b74d4
- SHA1
  
  01c74cc41da2d42b8009a411f65b8a955e1c33a6
- SHA256
  
  5fe17a027dd379c4a20d48aabe6af18d0d58f3992b46ab6dcf5c7883760ae190
- SHA512
  
  96a00cd0767d9fcae62fb4ebb32d2268cfc064e308d0bf63ee95d22630858e77992e87cef3ec575f07118e4a9d342dbadec36336e29ae8f36bc7c313cb7ababd
- SSDEEP
  
  98304:3GM3UqA80068t67Cc+3+tBsgYtJPKSBk:3GM810tPc
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing