golddragon | 873b8fb97b4b0c6d7992f6af15653295788526def41f337c651dc64e8e4aeebd | Triage

Submit
Reports

Overview

overview

Static

static

1

2c530adb84...e6.dll

windows7-x64

2c530adb84...e6.dll

windows10-2004-x64

Sharing

General

Target

2c530adb841114366ce6177ce964a5e6.bin
Size

223KB
Sample

230412-b8tl9aad9t
MD5

2c530adb841114366ce6177ce964a5e6
SHA1

5b69e3e5f4f49cf8b635a57a8c92e17a4f130d50
SHA256

873b8fb97b4b0c6d7992f6af15653295788526def41f337c651dc64e8e4aeebd
SHA512

002ba1e7b6a1a250678bfe63ae8de106606bc540ab10d69abdb0b4f87e72c79f91cc7890f6e649226cef9d2fec3f5c5176c254e726ce6eaf3dc9d73b12408c65
SSDEEP

6144:8L7OMNsdhZlmRDbwE0GCT7rxrvxWYcJM/x:8+M2djEJQr1Y7

Score

10^/10

golddragon backdoor

Static task

static1

Behavioral task

behavioral1

Sample

2c530adb841114366ce6177ce964a5e6.dll

Resource

win7-20230220-en

golddragon backdoor

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

2c530adb841114366ce6177ce964a5e6.dll

Resource

win10v2004-20230220-en

golddragon backdoor

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  2c530adb841114366ce6177ce964a5e6.bin
- Size
  
  223KB
- MD5
  
  2c530adb841114366ce6177ce964a5e6
- SHA1
  
  5b69e3e5f4f49cf8b635a57a8c92e17a4f130d50
- SHA256
  
  873b8fb97b4b0c6d7992f6af15653295788526def41f337c651dc64e8e4aeebd
- SHA512
  
  002ba1e7b6a1a250678bfe63ae8de106606bc540ab10d69abdb0b4f87e72c79f91cc7890f6e649226cef9d2fec3f5c5176c254e726ce6eaf3dc9d73b12408c65
- SSDEEP
  
  6144:8L7OMNsdhZlmRDbwE0GCT7rxrvxWYcJM/x:8+M2djEJQr1Y7
Score

10^/10

golddragon backdoor
- GoldDragon
  GoldDragon is a second-stage backdoor attributed to Kimsuky.
  backdoor golddragon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

golddragonbackdoor

behavioral2

golddragonbackdoor

© 2018-2024

Terms | Privacy