General
-
Target
2f65238e7b3a8ddd719fb19a506cd1d964fc7b5cab6f3f4e95235c235cac2190
-
Size
351KB
-
Sample
220204-mmgakshcfr
-
MD5
ed8a45d45c7dceb822c739ff878525e5
-
SHA1
8c62c96c46133ac71995b294cf2209d1b8a3e5a5
-
SHA256
2f65238e7b3a8ddd719fb19a506cd1d964fc7b5cab6f3f4e95235c235cac2190
-
SHA512
8cacd4759ed75a0bf04b2d5513700ea48827b9fae2028ac453603036e96928e581dcc13294fb32aee97583e77e5eed53bf4c6621d6ebde97f33d5eeb050fa1d7
Static task
static1
Behavioral task
behavioral1
Sample
edadf30df18e6a7ea190041cf3bd4a0b.exe
Resource
win7-en-20211208
Malware Config
Targets
-
Target
edadf30df18e6a7ea190041cf3bd4a0b
-
Size
366KB
-
MD5
edadf30df18e6a7ea190041cf3bd4a0b
-
SHA1
b33c269642bf42b8c71988b9ddbe298e00b65ef1
-
SHA256
3b8761d2e19bc5185f55cc2f575bbe54a45a52fc1c8650a60f1bd13e01e24655
-
SHA512
0a22b64f763aa5bf471e2b889899665fa060ae4bd2288c2dd07731aa7411c7d6c2be0c0e3d619adcf064a1815f4a9f641815076970bb690d1ef9390811a1a810
-
GoldenSpy Payload
-
suricata: ET MALWARE GoldenSpy Domain Observed
-
Executes dropped EXE
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-