golddragon | 111ab6aa14ef1f8359c59b43778b76c7be5ca72dc1372a3603cd5814bfb2850d | Triage

Submit
Reports

Overview

overview

Static

static

111ab6aa14...0d.dll

windows7_x64

111ab6aa14...0d.dll

windows10_x64

Sharing

General

Target

111ab6aa14ef1f8359c59b43778b76c7be5ca72dc1372a3603cd5814bfb2850d
Size

107KB
Sample

220124-gqnk6sdbf2
MD5

42b9f65fda3cbb613f726c9a4f26069e
SHA1

71f337dc65459027f4ab26198270368f68d7ae77
SHA256

111ab6aa14ef1f8359c59b43778b76c7be5ca72dc1372a3603cd5814bfb2850d
SHA512

7535e699bf635c87523e014eee62dae61f3545e908ef23e864635f0c39b115a55c2ce87ba120123d82739070a63de3adbdfbd9153c973260e6cfcd15da31fbb2

Score

10^/10

golddragon backdoor

Static task

static1

Behavioral task

behavioral1

Sample

111ab6aa14ef1f8359c59b43778b76c7be5ca72dc1372a3603cd5814bfb2850d.dll

Resource

win7-en-20211208

golddragon backdoor

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

111ab6aa14ef1f8359c59b43778b76c7be5ca72dc1372a3603cd5814bfb2850d.dll

Resource

win10-en-20211208

golddragon backdoor

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  111ab6aa14ef1f8359c59b43778b76c7be5ca72dc1372a3603cd5814bfb2850d
- Size
  
  107KB
- MD5
  
  42b9f65fda3cbb613f726c9a4f26069e
- SHA1
  
  71f337dc65459027f4ab26198270368f68d7ae77
- SHA256
  
  111ab6aa14ef1f8359c59b43778b76c7be5ca72dc1372a3603cd5814bfb2850d
- SHA512
  
  7535e699bf635c87523e014eee62dae61f3545e908ef23e864635f0c39b115a55c2ce87ba120123d82739070a63de3adbdfbd9153c973260e6cfcd15da31fbb2
Score

10^/10

golddragon backdoor
- GoldDragon
  GoldDragon is a second-stage backdoor attributed to Kimsuky.
  backdoor golddragon
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

golddragonbackdoor

behavioral2

golddragonbackdoor

© 2018-2024

Terms | Privacy