b91e01bf8ab93d715679d40aa0acc1aecf9f96dcf6dbedb03b7beaa90e14cb2c | Triage

Sharing

General

Target

a5NEvjtajGe
Size

4KB
Sample

241128-twy1bayldj
MD5

1f23116a72af5ea456ba258f14a76c92
SHA1

e8b9f581215f1a4a31c915afdfda07d0577d67c6
SHA256

b91e01bf8ab93d715679d40aa0acc1aecf9f96dcf6dbedb03b7beaa90e14cb2c
SHA512

a7d8e71c2552e79bb33ce2759afa57da9c6e0ba99e1dd5a110594fcdc9b097b1110b7b10267b75ba1836bf5559d15678902cf505ae43d72233813468aff857da
SSDEEP

96:3wAEwbtDOsauy9U+BunHE2MQTJPK9KiW2KsYKGhLiTyW8:3wV8tDOsauVLMQTJPK9KiHKsYK2LiTyh

Score

6^/10

microsoft discovery execution phishing

Malware Config

Targets

- Target
  
  a5NEvjtajGe
- Size
  
  4KB
- MD5
  
  1f23116a72af5ea456ba258f14a76c92
- SHA1
  
  e8b9f581215f1a4a31c915afdfda07d0577d67c6
- SHA256
  
  b91e01bf8ab93d715679d40aa0acc1aecf9f96dcf6dbedb03b7beaa90e14cb2c
- SHA512
  
  a7d8e71c2552e79bb33ce2759afa57da9c6e0ba99e1dd5a110594fcdc9b097b1110b7b10267b75ba1836bf5559d15678902cf505ae43d72233813468aff857da
- SSDEEP
  
  96:3wAEwbtDOsauy9U+BunHE2MQTJPK9KiW2KsYKGhLiTyW8:3wV8tDOsauVLMQTJPK9KiHKsYK2LiTyh
Score

6^/10

microsoft discovery execution phishing
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Detected potential entity reuse from brand MICROSOFT.
  phishing microsoft
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

microsoftdiscoveryexecutionphishing