4738d90ab363d9ce68a708d1f238a27f4a899c66b54a12672638430ef7616729 | Triage

Sharing

General

Target

4738d90ab363d9ce68a708d1f238a27f4a899c66b54a12672638430ef7616729
Size

103KB
Sample

221020-1thc4sgben
MD5

962c489113671edd8f11245674e24650
SHA1

27a1e3a8cd83aa15f8d316f2947d04d3ea67909d
SHA256

4738d90ab363d9ce68a708d1f238a27f4a899c66b54a12672638430ef7616729
SHA512

bf2157bf363f3b80a93a410e3e1073a4b8b683cc5086e3c43518f12d43791f3cf9cffbc14f853d8e95220ecfb3f3ff31241929dbb9bd66f7d9895f9014c73c15
SSDEEP

3072:3l81BPbXmJzKUMZWZbzcXO0mW80tOLkCp0WzYRg:K15CXPcXLmWbJW

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  4738d90ab363d9ce68a708d1f238a27f4a899c66b54a12672638430ef7616729
- Size
  
  103KB
- MD5
  
  962c489113671edd8f11245674e24650
- SHA1
  
  27a1e3a8cd83aa15f8d316f2947d04d3ea67909d
- SHA256
  
  4738d90ab363d9ce68a708d1f238a27f4a899c66b54a12672638430ef7616729
- SHA512
  
  bf2157bf363f3b80a93a410e3e1073a4b8b683cc5086e3c43518f12d43791f3cf9cffbc14f853d8e95220ecfb3f3ff31241929dbb9bd66f7d9895f9014c73c15
- SSDEEP
  
  3072:3l81BPbXmJzKUMZWZbzcXO0mW80tOLkCp0WzYRg:K15CXPcXLmWbJW
Score

8^/10

discovery persistence
- Contacts a large (1683) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Registers COM server for autorun
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence