7e3f7ea4e239ac1031be1e558a14cb9c5f9016d92a344dad9b4ed2f554d78107 | Triage

Sharing

General

Target

Payment for March 23 2023.msg
Size

150KB
Sample

230323-s88jvaae91
MD5

473d4d668c938c0c552f7db628846535
SHA1

11d778d5c27cb46dcf45946df477b371a47650cc
SHA256

7e3f7ea4e239ac1031be1e558a14cb9c5f9016d92a344dad9b4ed2f554d78107
SHA512

83211054f38205125ef6bb7213ae8afd7cee76f94d9bcd9e0dda8e48fcec73ea38757a8ede1dedaa208791f9551bf366c99d72abaca081ffc1d43e2b0d8bf050
SSDEEP

1536:oEVsPWFWDN/dHqBy1zz7Yd0rdVcHY49Q4aepwmWK9Em9WFWFjQMT/:oEV6N/dHqBy1xdV74ohmWcjQMT

Score

6^/10

microsoft persistence phishing

Malware Config

Targets

- Target
  
  PAYMENT_ADVICE.htm
- Size
  
  265B
- MD5
  
  2fe78b3f58004d0dd94e32b91d64583b
- SHA1
  
  9efab208c30d4236d228a16873a05b5926f724b6
- SHA256
  
  2c10546b192847a61f4fc1819868164287735fc9ac30a87333c26ffeaf3d5a6b
- SHA512
  
  37d7ae4d13576fc0470c41ceb9b39a9635e1c281eb5be8de470cd9bd587178975d4d4b9aef338724ef6a7b1090a1045c6573f71a2332f07ea9f227edddb99728
Score

6^/10

microsoft phishing persistence
- Adds Run key to start application
  persistence
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

microsoftphishing

behavioral2

microsoftpersistencephishing