27a2ba2e11277be6fed30fe80be6dbc0155f33afc2a4034589511e46d12b1039 | Triage

Sharing

General

Target

27a2ba2e11277be6fed30fe80be6dbc0155f33afc2a4034589511e46d12b1039
Size

56KB
Sample

220919-y8y83agcc7
MD5

d07f4ed1793cf00ced4ee5c72928604e
SHA1

0a994075a4dbf44312cf9c16fe694073f06626b8
SHA256

27a2ba2e11277be6fed30fe80be6dbc0155f33afc2a4034589511e46d12b1039
SHA512

c2a6c184b915891eb8a8336374c10ef8300e94da43deb48ce690c9790fe79c244fed65cecc14591d22c06c1ca7ce5286461cf966976966089925758a1a20e2d0
SSDEEP

1536:cPfQ5nuy2pUQ39GAjecus+amnUO1He0SgQFFX:cnanuy2JgcusrmUOXSgQT

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  27a2ba2e11277be6fed30fe80be6dbc0155f33afc2a4034589511e46d12b1039
- Size
  
  56KB
- MD5
  
  d07f4ed1793cf00ced4ee5c72928604e
- SHA1
  
  0a994075a4dbf44312cf9c16fe694073f06626b8
- SHA256
  
  27a2ba2e11277be6fed30fe80be6dbc0155f33afc2a4034589511e46d12b1039
- SHA512
  
  c2a6c184b915891eb8a8336374c10ef8300e94da43deb48ce690c9790fe79c244fed65cecc14591d22c06c1ca7ce5286461cf966976966089925758a1a20e2d0
- SSDEEP
  
  1536:cPfQ5nuy2pUQ39GAjecus+amnUO1He0SgQFFX:cnanuy2JgcusrmUOXSgQT
Score

8^/10

discovery
- Contacts a large (525) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2