5ce0d63016624c340ad43c4ce0c26f96d40ce5edb8812634c4a7029833ff1096 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0753c5b4630a6b9198d9da54c3a1a471
Size

88KB
Sample

231225-fylk4sdfdq
MD5

0753c5b4630a6b9198d9da54c3a1a471
SHA1

7dfd8d5e8ef338c86e5c2704bef5e018c9cde416
SHA256

5ce0d63016624c340ad43c4ce0c26f96d40ce5edb8812634c4a7029833ff1096
SHA512

dc584a64a2d7afcd9dcb2a89be329e2636604c0c02458380ccff4674abf3c5cdd309a7b1efd03a6cc9dd21559a2c13074909fca17b9608cf63501b67de1388a3
SSDEEP

1536:NQwHfvMS0xcGxFyhQkrnb1Mq9WbB7fS+lE+dFNpRD+xIh7N0YNPrEiJmAEpbsps:NnHXMpxcGxFyhQ0bOqYxf7v3YKj3JmWK

Score

8^/10

Malware Config

Targets

- Target
  
  PHOTO-GOLAYA.exe
- Size
  
  180KB
- MD5
  
  150145e71d2d6d5dea85bad963c49939
- SHA1
  
  1f96fc6f6bc2f0d33680ff38c440e95e348edfb4
- SHA256
  
  ee36fa40e546682624e4028bb270e5282f49fdf623f36d729b8900cba823e887
- SHA512
  
  709d6f9b98269ffb6299484f1fbd9e73d307281af24430ef33d7c09a3425259a854acb74fe1e5a46bd308d0fcd293e8bd00e86b5f0c88054bd7eac0cdb861912
- SSDEEP
  
  3072:6BAp5XhKpN4eOyVTGfhEClj8jTk+0hL/eSZZvLf6CNsPrXJ8WYQKaLnS:JbXE9OiTGfhEClq90GSZZvLCCNsPrXJm
Score

8^/10
- Blocklisted process makes network request
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2