c81de0cb0b4dbe58b4383cf73307ff120c0f35c18b1afc3eb16aac348584333e | Triage

Sharing

General

Target

c81de0cb0b4dbe58b4383cf73307ff120c0f35c18b1afc3eb16aac348584333e
Size

174KB
Sample

221130-w2tc5agd6s
MD5

cdfcfa9cfbd99ef6ac7966992e344305
SHA1

1c3972c4b136e8004c90d5571824837d1d2877a3
SHA256

c81de0cb0b4dbe58b4383cf73307ff120c0f35c18b1afc3eb16aac348584333e
SHA512

65d083abe255da1598cf841ba10d64086d41a0beefcb31706f142064fbc53e6d04246a3976960fa4ac79b1677b42b85375ee698e7eef788e60edc3fc6656c36d
SSDEEP

3072:DvA8oVPdp1IsquZmT2d9QqjagQupe2uN8La/36m3F:DHcgT2hjEfie/3f3

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  c81de0cb0b4dbe58b4383cf73307ff120c0f35c18b1afc3eb16aac348584333e
- Size
  
  174KB
- MD5
  
  cdfcfa9cfbd99ef6ac7966992e344305
- SHA1
  
  1c3972c4b136e8004c90d5571824837d1d2877a3
- SHA256
  
  c81de0cb0b4dbe58b4383cf73307ff120c0f35c18b1afc3eb16aac348584333e
- SHA512
  
  65d083abe255da1598cf841ba10d64086d41a0beefcb31706f142064fbc53e6d04246a3976960fa4ac79b1677b42b85375ee698e7eef788e60edc3fc6656c36d
- SSDEEP
  
  3072:DvA8oVPdp1IsquZmT2d9QqjagQupe2uN8La/36m3F:DHcgT2hjEfie/3f3
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing