ce8813b153bf91b316e03682ff83ab0066df88cbe45377971e83fdfd417780fa | Triage

Sharing

General

Target

ce8813b153bf91b316e03682ff83ab0066df88cbe45377971e83fdfd417780fa
Size

60KB
Sample

221130-z1mqqseh59
MD5

147dddef041f73e5d6740ae13fcb0830
SHA1

7ceca90bbed26f5d2c23bf95d41bf51ee35d67c1
SHA256

ce8813b153bf91b316e03682ff83ab0066df88cbe45377971e83fdfd417780fa
SHA512

a8330e1d34a925183cac653e8f803d0ea0202541ac29e3250f37883ebfab9afde89803d50aadd52c3ea6dc947c3b59c2634f22308041d20190ae711f8a438b14
SSDEEP

768:TEKE2wlLxl2peTzlwjvLGhXyLS/ESgVxd9W1ckvwet1ktyjcWIWSO:gL2wVxl2wHlwjvLGhXyLYgVxdrKlYW3

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  ce8813b153bf91b316e03682ff83ab0066df88cbe45377971e83fdfd417780fa
- Size
  
  60KB
- MD5
  
  147dddef041f73e5d6740ae13fcb0830
- SHA1
  
  7ceca90bbed26f5d2c23bf95d41bf51ee35d67c1
- SHA256
  
  ce8813b153bf91b316e03682ff83ab0066df88cbe45377971e83fdfd417780fa
- SHA512
  
  a8330e1d34a925183cac653e8f803d0ea0202541ac29e3250f37883ebfab9afde89803d50aadd52c3ea6dc947c3b59c2634f22308041d20190ae711f8a438b14
- SSDEEP
  
  768:TEKE2wlLxl2peTzlwjvLGhXyLS/ESgVxd9W1ckvwet1ktyjcWIWSO:gL2wVxl2wHlwjvLGhXyLYgVxdrKlYW3
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing