5b27bfbd41875112eb1f2e3cc49e1f76140a4cfa552952e80b22dbe4f6e9c5b8 | Triage

Sharing

General

Target

5b27bfbd41875112eb1f2e3cc49e1f76140a4cfa552952e80b22dbe4f6e9c5b8
Size

81KB
Sample

221203-pvhjqaec7x
MD5

153f816bff0960ddcd9fc46b662e8aa0
SHA1

24b7e5d1126881668266b21aa97fa10445de6f5f
SHA256

5b27bfbd41875112eb1f2e3cc49e1f76140a4cfa552952e80b22dbe4f6e9c5b8
SHA512

b7aa3cc45464dc7f9b9f756929fa41f1a6127437fbaf794a7f6b9a03653cdf169ad8b46b28e194acf062ecd6429d98d220ecde25876c89ac077ccf08789a4d7e
SSDEEP

1536:FxCrGEFxbvG/jo0ISltSY+A37feaCMJDmYsLIb4PvYqHB/AdGp:FUrGgxbvYjo0ICtSDADeak7dJHB/AdGp

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  5b27bfbd41875112eb1f2e3cc49e1f76140a4cfa552952e80b22dbe4f6e9c5b8
- Size
  
  81KB
- MD5
  
  153f816bff0960ddcd9fc46b662e8aa0
- SHA1
  
  24b7e5d1126881668266b21aa97fa10445de6f5f
- SHA256
  
  5b27bfbd41875112eb1f2e3cc49e1f76140a4cfa552952e80b22dbe4f6e9c5b8
- SHA512
  
  b7aa3cc45464dc7f9b9f756929fa41f1a6127437fbaf794a7f6b9a03653cdf169ad8b46b28e194acf062ecd6429d98d220ecde25876c89ac077ccf08789a4d7e
- SSDEEP
  
  1536:FxCrGEFxbvG/jo0ISltSY+A37feaCMJDmYsLIb4PvYqHB/AdGp:FUrGgxbvYjo0ICtSDADeak7dJHB/AdGp
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing