goldenspy | 98b5320e7464fc69b12eb626b6336604efcbf6502adc38c77f6db41666da9dd1 | Triage

Sharing

General

Target

98b5320e7464fc69b12eb626b6336604efcbf6502adc38c77f6db41666da9dd1
Size

329KB
Sample

220204-mbe85shban
MD5

77b8787a1bcda6e18c42c1855d2f1fa0
SHA1

f2c7f4d0c5dd576a421f521671c68ff9aac8288d
SHA256

98b5320e7464fc69b12eb626b6336604efcbf6502adc38c77f6db41666da9dd1
SHA512

a332c37b7ddfa042d5ae6ae831c56726e4ee9a84f6a84a37b9491fdb1f2a8019dc33f44bbb39d23cab5ce9435c5fc04492118234699a733bd2a6ac511a55dd44

Score

10^/10

goldenspy persistence suricata

Malware Config

Targets

- Target
  
  98b5320e7464fc69b12eb626b6336604efcbf6502adc38c77f6db41666da9dd1
- Size
  
  329KB
- MD5
  
  77b8787a1bcda6e18c42c1855d2f1fa0
- SHA1
  
  f2c7f4d0c5dd576a421f521671c68ff9aac8288d
- SHA256
  
  98b5320e7464fc69b12eb626b6336604efcbf6502adc38c77f6db41666da9dd1
- SHA512
  
  a332c37b7ddfa042d5ae6ae831c56726e4ee9a84f6a84a37b9491fdb1f2a8019dc33f44bbb39d23cab5ce9435c5fc04492118234699a733bd2a6ac511a55dd44
Score

10^/10

suricata persistence
- suricata: ET MALWARE GoldenSpy Domain Observed
  suricata: ET MALWARE GoldenSpy Domain Observed
  suricata
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistencesuricata