65ecb4942bfc86fb6ef25198489b0bc0e8a6c7eecc05dbfb267f7a6c654c5391 | Triage

Sharing

General

Target

65ecb4942bfc86fb6ef25198489b0bc0e8a6c7eecc05dbfb267f7a6c654c5391
Size

10KB
Sample

221201-kfa4waag83
MD5

0342a9384ff1fa9be77f827d4c97ed80
SHA1

f97a0e58a263ae61874bb10c37245ce51fd32f2f
SHA256

65ecb4942bfc86fb6ef25198489b0bc0e8a6c7eecc05dbfb267f7a6c654c5391
SHA512

83f6e620b06adb50312e66a75e562c3a1ae1a06d9d137a81a62e72131f02b8f567edc3b08e8a94dcfb02a2309812524a9ceaf18c3eb14fd1f97842f9f1ad3c80
SSDEEP

192:RL2UkIxBzoEWfWoX16WRcuxAn8qDgNzjBy7tnyQiXJ4wTbLGTm7XZCyDS+myC:RL2cFoEWfJX16We8qDazAnsXJpXLbTZw

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  65ecb4942bfc86fb6ef25198489b0bc0e8a6c7eecc05dbfb267f7a6c654c5391
- Size
  
  10KB
- MD5
  
  0342a9384ff1fa9be77f827d4c97ed80
- SHA1
  
  f97a0e58a263ae61874bb10c37245ce51fd32f2f
- SHA256
  
  65ecb4942bfc86fb6ef25198489b0bc0e8a6c7eecc05dbfb267f7a6c654c5391
- SHA512
  
  83f6e620b06adb50312e66a75e562c3a1ae1a06d9d137a81a62e72131f02b8f567edc3b08e8a94dcfb02a2309812524a9ceaf18c3eb14fd1f97842f9f1ad3c80
- SSDEEP
  
  192:RL2UkIxBzoEWfWoX16WRcuxAn8qDgNzjBy7tnyQiXJ4wTbLGTm7XZCyDS+myC:RL2cFoEWfJX16We8qDazAnsXJpXLbTZw
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing