2d493710f1dbaec8dee0d07055e8d419b3adacbc583272a09689ece62e8710dd | Triage

Sharing

General

Target

2d493710f1dbaec8dee0d07055e8d419b3adacbc583272a09689ece62e8710dd
Size

43KB
Sample

221130-nthmnaga92
MD5

07ae6ec271fb7de55eee93301594d650
SHA1

2617ba083523a9d94f30303d5e4b5aeaa033313e
SHA256

2d493710f1dbaec8dee0d07055e8d419b3adacbc583272a09689ece62e8710dd
SHA512

67b5030d9f7d391db11c144d4a6ce836da2d8b1e8f9467aa95664a1eca9ebf7bd35d7309589ed84919e1e4e77f488e1be5e456775d4edbf2108cc2f9d8e15a74
SSDEEP

768:PEL2p8XN83DSKCQ/Cr+9g9iTv2CF5p176HLjHXIqvtq11JtCi1MOlN2rv8vEL2pU:p71ygaHvWJFl171ygaHvWJw

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  2d493710f1dbaec8dee0d07055e8d419b3adacbc583272a09689ece62e8710dd
- Size
  
  43KB
- MD5
  
  07ae6ec271fb7de55eee93301594d650
- SHA1
  
  2617ba083523a9d94f30303d5e4b5aeaa033313e
- SHA256
  
  2d493710f1dbaec8dee0d07055e8d419b3adacbc583272a09689ece62e8710dd
- SHA512
  
  67b5030d9f7d391db11c144d4a6ce836da2d8b1e8f9467aa95664a1eca9ebf7bd35d7309589ed84919e1e4e77f488e1be5e456775d4edbf2108cc2f9d8e15a74
- SSDEEP
  
  768:PEL2p8XN83DSKCQ/Cr+9g9iTv2CF5p176HLjHXIqvtq11JtCi1MOlN2rv8vEL2pU:p71ygaHvWJFl171ygaHvWJw
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing