0a71d1bf605fb50be57e5b76b7914d0b158c618e6a42c1c571cafe489fdde16a | Triage

Submit
Reports

Overview

overview

6

Static

static

0a71d1bf60...6a.exe

windows7-x64

5

0a71d1bf60...6a.exe

windows10-2004-x64

6

Sharing

General

Target

0a71d1bf605fb50be57e5b76b7914d0b158c618e6a42c1c571cafe489fdde16a
Size

1.4MB
Sample

221130-x8enzsbh91
MD5

01fd884a92da62e9796257b889594709
SHA1

5c92e5d3d80c587a8db443947d79d327f44aa437
SHA256

0a71d1bf605fb50be57e5b76b7914d0b158c618e6a42c1c571cafe489fdde16a
SHA512

c1de8e07da62a813912a04bb9bf23f3abaeb7c3bfb095d3a57ae70c59853ae6911d564fca861a677fe200708c47aaaea4fd58453bb1cf05817d37c11e6abf889
SSDEEP

24576:Ab/JZbr1coVWDAc/HTvMsaFnLKBkwDJBR99RZ+yUDTVrhD85Oe4:a/JZbJIcLKBbJRZ+ZTVd85A

Score

6^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

0a71d1bf605fb50be57e5b76b7914d0b158c618e6a42c1c571cafe489fdde16a.exe

Resource

win7-20220901-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a71d1bf605fb50be57e5b76b7914d0b158c618e6a42c1c571cafe489fdde16a.exe

Resource

win10v2004-20220812-en

microsoft persistence phishing

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  0a71d1bf605fb50be57e5b76b7914d0b158c618e6a42c1c571cafe489fdde16a
- Size
  
  1.4MB
- MD5
  
  01fd884a92da62e9796257b889594709
- SHA1
  
  5c92e5d3d80c587a8db443947d79d327f44aa437
- SHA256
  
  0a71d1bf605fb50be57e5b76b7914d0b158c618e6a42c1c571cafe489fdde16a
- SHA512
  
  c1de8e07da62a813912a04bb9bf23f3abaeb7c3bfb095d3a57ae70c59853ae6911d564fca861a677fe200708c47aaaea4fd58453bb1cf05817d37c11e6abf889
- SSDEEP
  
  24576:Ab/JZbr1coVWDAc/HTvMsaFnLKBkwDJBR99RZ+yUDTVrhD85Oe4:a/JZbJIcLKBbJRZ+ZTVd85A
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy