Overview

overview

8

Static

static

1

Golden_1.exe

windows7-x64

8

Golden_1.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Golden_1.exe

  • Size

    76KB

  • Sample

    230223-tsnp6sge22

  • MD5

    7b89518d8d9d7eb4394dea53e42d4f81

  • SHA1

    e40d893f22d6da1396c864dd814360114ddb6a5c

  • SHA256

    7d204e84d6a9e32b7b207688d002fb6c683bb520f54cc383b0fdf34c30d176f6

  • SHA512

    9739ac243f439178314cd90ea3645dc057628044bbc361e08b33a96615f9c5029a67e8f9a81dc37700a8da2472710a08811748640b6432ee4e5c71fadbb5a462

  • SSDEEP

    768:6I0lDeqMLOKKKKyrtcbuM8EOzR+IHNY7gtNu0OzR+IHNY7gtNuUFYcKV1:FLOKKKKyrtcbusoNBu0oNBuUEV1

Score
8/10
discoveryexploit

Malware Config

Targets

    • Target

      Golden_1.exe

    • Size

      76KB

    • MD5

      7b89518d8d9d7eb4394dea53e42d4f81

    • SHA1

      e40d893f22d6da1396c864dd814360114ddb6a5c

    • SHA256

      7d204e84d6a9e32b7b207688d002fb6c683bb520f54cc383b0fdf34c30d176f6

    • SHA512

      9739ac243f439178314cd90ea3645dc057628044bbc361e08b33a96615f9c5029a67e8f9a81dc37700a8da2472710a08811748640b6432ee4e5c71fadbb5a462

    • SSDEEP

      768:6I0lDeqMLOKKKKyrtcbuM8EOzR+IHNY7gtNu0OzR+IHNY7gtNuUFYcKV1:FLOKKKKyrtcbusoNBu0oNBuUEV1

    Score
    8/10
    discoveryexploit

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks