100749131fc0d8eb83d0ea7d95182ecef42d5d56c6c3075511a8172c2f32ecc5 | Triage

Sharing

General

Target

100749131fc0d8eb83d0ea7d95182ecef42d5d56c6c3075511a8172c2f32ecc5
Size

164KB
Sample

221130-wahgjsec8v
MD5

24395c3b4516ab00a0394f45c7c7489f
SHA1

2c0f9b5bd1286ee24307785ef699e6b805da4e6b
SHA256

100749131fc0d8eb83d0ea7d95182ecef42d5d56c6c3075511a8172c2f32ecc5
SHA512

05fb9f9928955408bccda2435d7c3c97910ebd2d481320ffdf79facbe7d2dea9fd53ab95d2351b24d3f5d4a3a6b3df59050c0c0ecedf58a7260836464386f876
SSDEEP

3072:tz1BzXtIJvWf2ZZGvb4s2fVggJgBtinfGuxajLdg5c44QP9Q:tzj+JvWf2ZZCb4sFjB90

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  100749131fc0d8eb83d0ea7d95182ecef42d5d56c6c3075511a8172c2f32ecc5
- Size
  
  164KB
- MD5
  
  24395c3b4516ab00a0394f45c7c7489f
- SHA1
  
  2c0f9b5bd1286ee24307785ef699e6b805da4e6b
- SHA256
  
  100749131fc0d8eb83d0ea7d95182ecef42d5d56c6c3075511a8172c2f32ecc5
- SHA512
  
  05fb9f9928955408bccda2435d7c3c97910ebd2d481320ffdf79facbe7d2dea9fd53ab95d2351b24d3f5d4a3a6b3df59050c0c0ecedf58a7260836464386f876
- SSDEEP
  
  3072:tz1BzXtIJvWf2ZZGvb4s2fVggJgBtinfGuxajLdg5c44QP9Q:tzj+JvWf2ZZCb4sFjB90
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing