97621946de4b3b2399635ec945a053efa01f7181cfb8c3b9b1d9c789a49c466c | Triage

Submit
Reports

Overview

overview

6

Static

static

97621946de...6c.exe

windows7-x64

5

97621946de...6c.exe

windows10-2004-x64

6

Sharing

General

Target

97621946de4b3b2399635ec945a053efa01f7181cfb8c3b9b1d9c789a49c466c
Size

1.9MB
Sample

221201-k1emsscg93
MD5

35f95935a2030051b7bc994064996db5
SHA1

c7afa81244a35e04d08d691563ea324df7766214
SHA256

97621946de4b3b2399635ec945a053efa01f7181cfb8c3b9b1d9c789a49c466c
SHA512

ad485e59bc5db138d576471a88ac268df9ad4118432308803745ddadef8b269df609241b09aa88e3c78abf23007252fdb5cba73f6ad9e4110bc12b7e1a001f88
SSDEEP

49152:EDyM9igrn0WM7CfBjr+z08x+xQBCcb8l08ca:u7R4CfB/+z08xEHX

Score

6^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

97621946de4b3b2399635ec945a053efa01f7181cfb8c3b9b1d9c789a49c466c.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

97621946de4b3b2399635ec945a053efa01f7181cfb8c3b9b1d9c789a49c466c.exe

Resource

win10v2004-20220901-en

microsoft persistence phishing

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  97621946de4b3b2399635ec945a053efa01f7181cfb8c3b9b1d9c789a49c466c
- Size
  
  1.9MB
- MD5
  
  35f95935a2030051b7bc994064996db5
- SHA1
  
  c7afa81244a35e04d08d691563ea324df7766214
- SHA256
  
  97621946de4b3b2399635ec945a053efa01f7181cfb8c3b9b1d9c789a49c466c
- SHA512
  
  ad485e59bc5db138d576471a88ac268df9ad4118432308803745ddadef8b269df609241b09aa88e3c78abf23007252fdb5cba73f6ad9e4110bc12b7e1a001f88
- SSDEEP
  
  49152:EDyM9igrn0WM7CfBjr+z08x+xQBCcb8l08ca:u7R4CfB/+z08xEHX
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2024

Terms | Privacy