5ccf2e2ee4ee3470140798f874ae82c488aa2c9da55c3a748130b60771b8a332 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ccf2e2ee4ee3470140798f874ae82c488aa2c9da55c3a748130b60771b8a332
Size

124KB
Sample

221030-mx5e6afhb5
MD5

a2ccda2d64349c3638e3a27b8f7db2d0
SHA1

2c3ca8e6cd64f0f0d47e836c070ea19dee9573cb
SHA256

5ccf2e2ee4ee3470140798f874ae82c488aa2c9da55c3a748130b60771b8a332
SHA512

d43d5d05cdc0d1d3c7550fba3e582ec55e88899e67ba61e3f825d0ca6dd1b6e61ddf2e0560b62dec74f171c98bddc45638f8e11b9bac274a4dcc187acbd10b48
SSDEEP

1536:sZe6Q0BzI74/b9eBeGmeJg5B7x3uhp4UOx7Pq1zHvesZrVjihWAwBeWb0:ommq1zPesZrdFj/o

Score

9^/10

discovery persistence

Malware Config

Targets

- Target
  
  5ccf2e2ee4ee3470140798f874ae82c488aa2c9da55c3a748130b60771b8a332
- Size
  
  124KB
- MD5
  
  a2ccda2d64349c3638e3a27b8f7db2d0
- SHA1
  
  2c3ca8e6cd64f0f0d47e836c070ea19dee9573cb
- SHA256
  
  5ccf2e2ee4ee3470140798f874ae82c488aa2c9da55c3a748130b60771b8a332
- SHA512
  
  d43d5d05cdc0d1d3c7550fba3e582ec55e88899e67ba61e3f825d0ca6dd1b6e61ddf2e0560b62dec74f171c98bddc45638f8e11b9bac274a4dcc187acbd10b48
- SSDEEP
  
  1536:sZe6Q0BzI74/b9eBeGmeJg5B7x3uhp4UOx7Pq1zHvesZrVjihWAwBeWb0:ommq1zPesZrdFj/o
Score

9^/10

discovery persistence
- Contacts a large (2064) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Registers COM server for autorun
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence