f1731705c1c8639d16629e8a5eec4bc806d8946ee3225701726c6c5723c9af05 | Triage

Sharing

General

Target

f1731705c1c8639d16629e8a5eec4bc806d8946ee3225701726c6c5723c9af05
Size

222KB
Sample

221027-dypxesadfj
MD5

48ad1e27068592e376e696dd1f5b8592
SHA1

ceaf79794fef1b453767ef6004067fe05ac0328a
SHA256

f1731705c1c8639d16629e8a5eec4bc806d8946ee3225701726c6c5723c9af05
SHA512

b360ec58ab2299f8529549633e0cdcad25655af3064ed4d6f9570d8cea66d8e72b6fc522c42c22fa4609637a75b865d04e50b036e432f7a3db00e3d09ad6be8d
SSDEEP

3072:auEyjDRl0gbL6ktlfQWs8FhmepNvhQPeQ0kwyRC4uYhbZiojAmc7Dbck0OBrOz8O:as0gbm0XsOme5y0SRZiojAFHNgQl6Us

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  f1731705c1c8639d16629e8a5eec4bc806d8946ee3225701726c6c5723c9af05
- Size
  
  222KB
- MD5
  
  48ad1e27068592e376e696dd1f5b8592
- SHA1
  
  ceaf79794fef1b453767ef6004067fe05ac0328a
- SHA256
  
  f1731705c1c8639d16629e8a5eec4bc806d8946ee3225701726c6c5723c9af05
- SHA512
  
  b360ec58ab2299f8529549633e0cdcad25655af3064ed4d6f9570d8cea66d8e72b6fc522c42c22fa4609637a75b865d04e50b036e432f7a3db00e3d09ad6be8d
- SSDEEP
  
  3072:auEyjDRl0gbL6ktlfQWs8FhmepNvhQPeQ0kwyRC4uYhbZiojAmc7Dbck0OBrOz8O:as0gbm0XsOme5y0SRZiojAFHNgQl6Us
Score

8^/10

discovery
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2