525e9eaa8aecd2b9fe0fa7e587c1334c0bec1314abebaf472fc0d052e4306d57 | Triage

Sharing

General

Target

TGSGhostmenuv2 (2).jar
Size

639KB
Sample

231111-2c2k4abh2y
MD5

3bbfdbdd8b65e936010028896db454e3
SHA1

84f32fd2509ceaf01aa8df17eccf565826075b81
SHA256

525e9eaa8aecd2b9fe0fa7e587c1334c0bec1314abebaf472fc0d052e4306d57
SHA512

49aac25ba17e3cb19c317f1dd83bfd587ffeb417f0a31712d0ce08959d2e43d44c25ca5292c0be5c7e060779c05b52134645a3dbc9353399fcb08f58d93fb267
SSDEEP

12288:e7HdQV/n31Ebd4p5ghY3gm/rRr+B/cN+7KgOJ+RhI34uc2lwS+xDww:e79QFFEp4/D3gmFmW+7rMF4uhlL+xDww

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  TGSGhostmenuv2 (2).jar
- Size
  
  639KB
- MD5
  
  3bbfdbdd8b65e936010028896db454e3
- SHA1
  
  84f32fd2509ceaf01aa8df17eccf565826075b81
- SHA256
  
  525e9eaa8aecd2b9fe0fa7e587c1334c0bec1314abebaf472fc0d052e4306d57
- SHA512
  
  49aac25ba17e3cb19c317f1dd83bfd587ffeb417f0a31712d0ce08959d2e43d44c25ca5292c0be5c7e060779c05b52134645a3dbc9353399fcb08f58d93fb267
- SSDEEP
  
  12288:e7HdQV/n31Ebd4p5ghY3gm/rRr+B/cN+7KgOJ+RhI34uc2lwS+xDww:e79QFFEp4/D3gmFmW+7rMF4uhlL+xDww
Score

7^/10

discovery persistence
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

File and Directory Permissions Modification

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence