d3a6549aa3c4ffc596bb98f847cc2aa7c0915aa7231b3a4e1a0f56114a86c01e | Triage

Sharing

General

Target

d3a6549aa3c4ffc596bb98f847cc2aa7c0915aa7231b3a4e1a0f56114a86c01e
Size

303KB
Sample

221011-x8cjmabde3
MD5

6902084333276346c10012eb711d1e40
SHA1

d17f2c5a4f4c14fa595cf3a6e9c7be6a797b326c
SHA256

d3a6549aa3c4ffc596bb98f847cc2aa7c0915aa7231b3a4e1a0f56114a86c01e
SHA512

d349fc0daf78a3a688913e4fb9e3884a92d6cb0f4cb2610da0d582114957a27149b4c3e416ef9c7a1fd31e3543a97b3eaefec41f80ed911966dad7438683489d
SSDEEP

3072:xO9d3Zy0imWTaT4tywbqTvsgcku7eW4ly3rw:09nyXJTa8w6ObWL

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  d3a6549aa3c4ffc596bb98f847cc2aa7c0915aa7231b3a4e1a0f56114a86c01e
- Size
  
  303KB
- MD5
  
  6902084333276346c10012eb711d1e40
- SHA1
  
  d17f2c5a4f4c14fa595cf3a6e9c7be6a797b326c
- SHA256
  
  d3a6549aa3c4ffc596bb98f847cc2aa7c0915aa7231b3a4e1a0f56114a86c01e
- SHA512
  
  d349fc0daf78a3a688913e4fb9e3884a92d6cb0f4cb2610da0d582114957a27149b4c3e416ef9c7a1fd31e3543a97b3eaefec41f80ed911966dad7438683489d
- SSDEEP
  
  3072:xO9d3Zy0imWTaT4tywbqTvsgcku7eW4ly3rw:09nyXJTa8w6ObWL
Score

8^/10

discovery persistence
- Contacts a large (1286) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Registers COM server for autorun
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence