b6c60974b05a771fa2020c238fb0f0abc983fc7f46e0d0b82a0d46f3694aee8d | Triage

Sharing

General

Target

b6c60974b05a771fa2020c238fb0f0abc983fc7f46e0d0b82a0d46f3694aee8d
Size

932KB
Sample

221130-ppcraadd9s
MD5

d85aa81a37aab0a7359bb73485a883b8
SHA1

144ee02ec5b56274f6ba534ce07f74e95cc1f655
SHA256

b6c60974b05a771fa2020c238fb0f0abc983fc7f46e0d0b82a0d46f3694aee8d
SHA512

55c19d8c121dcb834b7dc2ae8148b9d5d71fb99f5db2673d4fee83c1cd192cb8f358603d62e42f6e4508d2be4d0d10c5aa835591e8b13e2dedeae0eee303019f
SSDEEP

6144:W5GnHeQURMjQwODQtk7gaPqbLXb2w8zvt+rFh5v3nIu1zMTbWuN29v+3nDlzFNOs:WCeQUsbjeTvSj/nSB0enhZoICe74

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  b6c60974b05a771fa2020c238fb0f0abc983fc7f46e0d0b82a0d46f3694aee8d
- Size
  
  932KB
- MD5
  
  d85aa81a37aab0a7359bb73485a883b8
- SHA1
  
  144ee02ec5b56274f6ba534ce07f74e95cc1f655
- SHA256
  
  b6c60974b05a771fa2020c238fb0f0abc983fc7f46e0d0b82a0d46f3694aee8d
- SHA512
  
  55c19d8c121dcb834b7dc2ae8148b9d5d71fb99f5db2673d4fee83c1cd192cb8f358603d62e42f6e4508d2be4d0d10c5aa835591e8b13e2dedeae0eee303019f
- SSDEEP
  
  6144:W5GnHeQURMjQwODQtk7gaPqbLXb2w8zvt+rFh5v3nIu1zMTbWuN29v+3nDlzFNOs:WCeQUsbjeTvSj/nSB0enhZoICe74
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing