golddragon | a7a86cbf520c0ca37e2f8e37584fcd9c68e79614fd8352d10a7bb223c3a3a39b | Triage

Submit
Reports

Overview

overview

Static

static

a7a86cbf52...9b.exe

windows7_x64

a7a86cbf52...9b.exe

windows10_x64

Sharing

General

Target

a7a86cbf520c0ca37e2f8e37584fcd9c68e79614fd8352d10a7bb223c3a3a39b
Size

421KB
Sample

210701-j3mbcd1b5x
MD5

ffff18fc7c2166c2a1a3c3d8bbd95ba1
SHA1

7af27ee542f599e4b68a032bc43295eec03c1e0e
SHA256

a7a86cbf520c0ca37e2f8e37584fcd9c68e79614fd8352d10a7bb223c3a3a39b
SHA512

3a36a1b6cf4b933cc546157b51a48e0b87fd1bc9fc41b5763500ecf89fca7017e2fdc721593ff6eaa2607b434c4d0133132460f1d090d5f459905f410a4c1435

Score

10^/10

golddragon backdoor

Static task

static1

Behavioral task

behavioral1

Sample

a7a86cbf520c0ca37e2f8e37584fcd9c68e79614fd8352d10a7bb223c3a3a39b.exe

Resource

win7v20210408

golddragon backdoor

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a7a86cbf520c0ca37e2f8e37584fcd9c68e79614fd8352d10a7bb223c3a3a39b.exe

Resource

win10v20210410

golddragon backdoor

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a7a86cbf520c0ca37e2f8e37584fcd9c68e79614fd8352d10a7bb223c3a3a39b
- Size
  
  421KB
- MD5
  
  ffff18fc7c2166c2a1a3c3d8bbd95ba1
- SHA1
  
  7af27ee542f599e4b68a032bc43295eec03c1e0e
- SHA256
  
  a7a86cbf520c0ca37e2f8e37584fcd9c68e79614fd8352d10a7bb223c3a3a39b
- SHA512
  
  3a36a1b6cf4b933cc546157b51a48e0b87fd1bc9fc41b5763500ecf89fca7017e2fdc721593ff6eaa2607b434c4d0133132460f1d090d5f459905f410a4c1435
Score

10^/10

golddragon backdoor
- GoldDragon
  GoldDragon is a second-stage backdoor attributed to Kimsuky.
  backdoor golddragon
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

golddragonbackdoor

behavioral2

golddragonbackdoor

© 2018-2024

Terms | Privacy