Overview

overview

6

Static

static

707c774019...25.exe

windows7-x64

5

707c774019...25.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    707c77401961314821ba8378408e01f47be09dc49a3a165e992e1e1c070a1725

  • Size

    96KB

  • Sample

    221201-acrmcabh6s

  • MD5

    a513cdb3ab73f3edba729ca76c0db788

  • SHA1

    59f687a707b186897c4381a1857625cd78ee711b

  • SHA256

    707c77401961314821ba8378408e01f47be09dc49a3a165e992e1e1c070a1725

  • SHA512

    43d6823070122ce6d974bf7f19ddf67a100ebd72d2453daba0078da5183fbb16a2bc14b9e8dd7c9edfaa69af4be409981bd113b0e5247b4699181731b3489acc

  • SSDEEP

    1536:wIt3jmz7o5taYManp7OGNpebBDqhUDf3tuBmFneQrK7EHtgUC+mvCAjO:n3C7atZnp7OG7elqhUTjezwtBw9jO

Score
6/10
microsoftpersistencephishing

Malware Config

Targets

    • Target

      707c77401961314821ba8378408e01f47be09dc49a3a165e992e1e1c070a1725

    • Size

      96KB

    • MD5

      a513cdb3ab73f3edba729ca76c0db788

    • SHA1

      59f687a707b186897c4381a1857625cd78ee711b

    • SHA256

      707c77401961314821ba8378408e01f47be09dc49a3a165e992e1e1c070a1725

    • SHA512

      43d6823070122ce6d974bf7f19ddf67a100ebd72d2453daba0078da5183fbb16a2bc14b9e8dd7c9edfaa69af4be409981bd113b0e5247b4699181731b3489acc

    • SSDEEP

      1536:wIt3jmz7o5taYManp7OGNpebBDqhUDf3tuBmFneQrK7EHtgUC+mvCAjO:n3C7atZnp7OG7elqhUTjezwtBw9jO

    Score
    6/10
    microsoftpersistencephishing

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks