dd3e02859a4efba808d74a9c8a1b2e19f39897426cde779ff4f023e5044adcf4 | Triage

Submit
Reports

Overview

overview

6

Static

static

dd3e02859a...f4.exe

windows7-x64

5

dd3e02859a...f4.exe

windows10-2004-x64

6

Sharing

General

Target

dd3e02859a4efba808d74a9c8a1b2e19f39897426cde779ff4f023e5044adcf4
Size

109KB
Sample

221207-d8vwesef41
MD5

4f79481d16930684cfa3df943444e036
SHA1

c1fa078b05aa7a64c30a0c549b127a49f8eed5a9
SHA256

dd3e02859a4efba808d74a9c8a1b2e19f39897426cde779ff4f023e5044adcf4
SHA512

18594906efa25e46a881d6d19fe2eabf2cda92a033ca054aa48b5e9c08388afe50222c43ace0a76906b4558e34fe5349efd93b1df9abac69fa5901309a080c1c
SSDEEP

1536:AfEFE5T8bRVs1yMmDi3WE//YehLXVc4FWkckxvC4V7MfrgkA:wZjmDUz/gOVc4FBLlAfrfA

Score

6^/10

microsoft persistence phishing

Static task

static1

Behavioral task

behavioral1

Sample

dd3e02859a4efba808d74a9c8a1b2e19f39897426cde779ff4f023e5044adcf4.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

dd3e02859a4efba808d74a9c8a1b2e19f39897426cde779ff4f023e5044adcf4.exe

Resource

win10v2004-20220812-en

microsoft persistence phishing

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  dd3e02859a4efba808d74a9c8a1b2e19f39897426cde779ff4f023e5044adcf4
- Size
  
  109KB
- MD5
  
  4f79481d16930684cfa3df943444e036
- SHA1
  
  c1fa078b05aa7a64c30a0c549b127a49f8eed5a9
- SHA256
  
  dd3e02859a4efba808d74a9c8a1b2e19f39897426cde779ff4f023e5044adcf4
- SHA512
  
  18594906efa25e46a881d6d19fe2eabf2cda92a033ca054aa48b5e9c08388afe50222c43ace0a76906b4558e34fe5349efd93b1df9abac69fa5901309a080c1c
- SSDEEP
  
  1536:AfEFE5T8bRVs1yMmDi3WE//YehLXVc4FWkckxvC4V7MfrgkA:wZjmDUz/gOVc4FBLlAfrfA
Score

6^/10

microsoft persistence phishing
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishing

© 2018-2025

Terms | Privacy