General
Target: 40fc4d9b7d4cd8414ee27863f630cf3155bcf4ae34b2e35071456f8ac7a944fd
Size: 368KB
Sample: 220204-mk8xtahcej
MD5: 08a336361d0551bf2ff72ae0eb06f23c
SHA1: f914d02fb056fd59f8dd88ea87b0d30dd97786e3
SHA256: 40fc4d9b7d4cd8414ee27863f630cf3155bcf4ae34b2e35071456f8ac7a944fd
SHA512: a9be11cad129d138da08621b525afa42eda1d5c14b103e09a7562b0524e186a80bd8286585a0fa59fc64eeddb484b945bdc78abd10a2539b6e395de23050dff8
Static task: static1
Behavioral task: behavioral1
Sample: 40fc4d9b7d4cd8414ee27863f630cf3155bcf4ae34b2e35071456f8ac7a944fd.exe
Resource: win7-en-20211208
Malware Config
Targets
-
GoldenSpy Payload
-
suricata: ET MALWARE GoldenSpy Domain Observed
-
Executes dropped EXE
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-