d37b20f11852070f2b4c59ad5c117382e0801ef806855015b464c7a5459f701d

Sharing

Copy URL

Twitter E-mail

General

Target

GoDm (3).zip
Size

5.9MB
Sample

240204-lvvbqseeh9
MD5

25b209f5d34b14efb2b6f99f247b48d7
SHA1

b20155ef3a339631776cb40a30cc4f42906eb04a
SHA256

d37b20f11852070f2b4c59ad5c117382e0801ef806855015b464c7a5459f701d
SHA512

9588bdf138167badeb2eb23835e246a148a0f7344558da6c5723e543ea281c5d4567b6e162d31a3aae618a733822e9b849ec988c99c6f67ffd0d75350addd594
SSDEEP

98304:1yL7sq025C5D5FrV5eqB0PEt452vNQOYn6teKKMtsX8+hOKckxk0OgYfW1YXT4qJ:kMP25C5NFrVDjt452KOY605MtsXBwJtb

Score

7^/10

Malware Config

Targets

- Target
  
  GoDm (3).zip
- Size
  
  5.9MB
- MD5
  
  25b209f5d34b14efb2b6f99f247b48d7
- SHA1
  
  b20155ef3a339631776cb40a30cc4f42906eb04a
- SHA256
  
  d37b20f11852070f2b4c59ad5c117382e0801ef806855015b464c7a5459f701d
- SHA512
  
  9588bdf138167badeb2eb23835e246a148a0f7344558da6c5723e543ea281c5d4567b6e162d31a3aae618a733822e9b849ec988c99c6f67ffd0d75350addd594
- SSDEEP
  
  98304:1yL7sq025C5D5FrV5eqB0PEt452vNQOYn6teKKMtsX8+hOKckxk0OgYfW1YXT4qJ:kMP25C5NFrVDjt452KOY605MtsXBwJtb
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1
- Target
  
  GoDm/.git/hooks/applypatch-msg.sample
- Size
  
  478B
- MD5
  
  ce562e08d8098926a3862fc6e7905199
- SHA1
  
  4de88eb95a5e93fd27e78b5fb3b5231a8d8917dd
- SHA256
  
  0223497a0b8b033aa58a3a521b8629869386cf7ab0e2f101963d328aa62193f7
- SHA512
  
  536cce804d84e25813993efdd240537b52d00ce9cdcecf1982f85096d56a521290104c825c00b370b2752201952a9616a3f4e28c5d27a5b4e4842101a2ff9bee
Score

3^/10
behavioral2
- Target
  
  GoDm/.git/hooks/commit-msg.sample
- Size
  
  896B
- MD5
  
  579a3c1e12a1e74a98169175fb913012
- SHA1
  
  ee1ed5aad98a435f2020b6de35c173b75d9affac
- SHA256
  
  1f74d5e9292979b573ebd59741d46cb93ff391acdd083d340b94370753d92437
- SHA512
  
  d6bb7fa747f4625adf1877f546565cbe812ca7dd4168f7e9068e6732555d8737eba549546cf5946649e3f38de82d173aaf9c160a4c9f9445655258b4c5f955eb
Score

3^/10
behavioral3
- Target
  
  GoDm/.git/hooks/fsmonitor-watchman.sample
- Size
  
  4KB
- MD5
  
  a0b2633a2c8e97501610bd3f73da66fc
- SHA1
  
  0ec0ec9ac11111433d17ea79e0ae8cec650dcfa4
- SHA256
  
  e0549964e93897b519bd8e333c037e51fff0f88ba13e086a331592bf801fa1d0
- SHA512
  
  5168643c1768ec83554a9066754507a781b6d14251a46a469222d462efc6ca87a72c90679154e8a723349c91e7772b32ac9b08dfe313cded0ee0a6f17885079e
- SSDEEP
  
  96:GFCscBOvOFXDgRvi/3UCwN4ZlkRo/j5SpoNOBoi+geBIzCa:GFCsEOmWRa8CwN4ZqRo7geEk3IzCa
Score

3^/10
behavioral4
- Target
  
  GoDm/.git/hooks/post-update.sample
- Size
  
  189B
- MD5
  
  2b7ea5cee3c49ff53d41e00785eb974c
- SHA1
  
  b614c2f63da7dca9f1db2e7ade61ef30448fc96c
- SHA256
  
  81765af2daef323061dcbc5e61fc16481cb74b3bac9ad8a174b186523586f6c5
- SHA512
  
  473ad124642571656276bf83b9ff63ab1804d3c23a5bdae52391c6f70a894849ac60c10c9d31deff3938922ce83b68b1e60c11592bbf7ea503f4acd39968cefa
Score

3^/10
behavioral5
- Target
  
  GoDm/.git/index
- Size
  
  2KB
- MD5
  
  88b467e780f0ab582ab8628f88c30c89
- SHA1
  
  0739e8ca23e20828ca8cae0dbbdf13a9169a2f71
- SHA256
  
  cdcfcc11f98cceea1a6e64dc7abdf7c323222aed1a2b970fd79a35ec76ec7cb8
- SHA512
  
  12814d7be19a4aa56fcc21b55ed95cdc3935b71d48227c3446c4bcd5244e18af7a64fbb4ee6e898a76f2af377d608a1d76554645e6e2a103591903769b9f1453
Score

1^/10
behavioral6
- Target
  
  GoDm/.git/info/exclude
- Size
  
  240B
- MD5
  
  036208b4a1ab4a235d75c181e685e5a3
- SHA1
  
  c879df015d97615050afa7b9641e3352a1e701ac
- SHA256
  
  6671fe83b7a07c8932ee89164d1f2793b2318058eb8b98dc5c06ee0a5a3b0ec1
- SHA512
  
  9828c6ecdf91bf117416e17f4ee9caee2e1e37b6fb00b9ff04035ace17a3089b9d0a25c6baa1046c0e1c62d3da88838e8fca74ea82973d6b975905fde58f3072
Score

1^/10
behavioral7
- Target
  
  GoDm/.git/logs/HEAD
- Size
  
  198B
- MD5
  
  e7905ebdb48333559b89a1c524550ad9
- SHA1
  
  707f958a1338f4a97cec0a0d2f50708357dd86fe
- SHA256
  
  282c951e4299ec0381b49495056bbb70a895126f8a7a55e2b27e2f99162d2590
- SHA512
  
  42abfa978601229cdbe5fae62bbef3fdd7299ecea0fd172dcc96121bf19fe80bddc0c349e0bfb144e198b36270b374fbbba40ace569a6873ea74d20fb0710f71
Score

1^/10
behavioral8
- Target
  
  GoDm/.git/logs/refs/heads/main
- Size
  
  198B
- MD5
  
  e7905ebdb48333559b89a1c524550ad9
- SHA1
  
  707f958a1338f4a97cec0a0d2f50708357dd86fe
- SHA256
  
  282c951e4299ec0381b49495056bbb70a895126f8a7a55e2b27e2f99162d2590
- SHA512
  
  42abfa978601229cdbe5fae62bbef3fdd7299ecea0fd172dcc96121bf19fe80bddc0c349e0bfb144e198b36270b374fbbba40ace569a6873ea74d20fb0710f71
Score

1^/10
behavioral9
- Target
  
  GoDm/.git/logs/refs/remotes/origin/HEAD
- Size
  
  198B
- MD5
  
  e7905ebdb48333559b89a1c524550ad9
- SHA1
  
  707f958a1338f4a97cec0a0d2f50708357dd86fe
- SHA256
  
  282c951e4299ec0381b49495056bbb70a895126f8a7a55e2b27e2f99162d2590
- SHA512
  
  42abfa978601229cdbe5fae62bbef3fdd7299ecea0fd172dcc96121bf19fe80bddc0c349e0bfb144e198b36270b374fbbba40ace569a6873ea74d20fb0710f71
Score

1^/10
behavioral10
- Target
  
  GoDm/.git/objects/pack/pack-9dc5098392533d81805be817b6915391f7ab36d5.idx
- Size
  
  19KB
- MD5
  
  b384f78b93efc0d2c2b08fe6eea858fc
- SHA1
  
  f883642e39ed624a2eefaaa1aa6e1b793556d559
- SHA256
  
  f78d2bcbe72616373d79241a7c1110a072b4346439d93915786e85548a811b70
- SHA512
  
  0c50fe94f204a165d38de8f1f952022aa8da07cc53f30f45753a88bc910e12d3c72ca49e30d5300c243c8b32d18e2f726b89fafbe13396d70c20c33f877a9231
- SSDEEP
  
  384:s2HXP5Nf2crZPU23t0LSVN791bCq7zmnioCzGTERsDaY/cG1zIs:PP/VB3hVN791TXFGT9Z/fL
Score

3^/10
behavioral11
- Target
  
  GoDm/.git/objects/pack/pack-9dc5098392533d81805be817b6915391f7ab36d5.pack
- Size
  
  204KB
- MD5
  
  01558baafbd170ad80fa145f8161ce05
- SHA1
  
  a442e96d97b7c6af90e2005e2fe0a101781d26e4
- SHA256
  
  c13d0ac65f9cdc7b0cb835667a74e498db8909af27d7bc4f7f55d6efb484e5d9
- SHA512
  
  3f3d5a501ae7a00fee657d5d77bf9ead16616ad2ec66bdca07e498ee096962fb722e997352f6b6a1417b9818bf5f4d26a97c8dd737a4af57b56ab518579122b4
- SSDEEP
  
  6144:3Mzr3E72uPprXxQ5hEZdPceFjTX33riSuVx0oRB+:3ED42Y1XxQ5hEoC6SuVKoz+
Score

3^/10
behavioral12
- Target
  
  GoDm/.git/packed-refs
- Size
  
  588B
- MD5
  
  2fa6e7909ad1faf8f3438d7ae7b86e42
- SHA1
  
  00b6d3e24f1fdad18a488c1111fe21171847cbd6
- SHA256
  
  7af3dce6720097f806e2c201d5353fd0f66c1e3fc9e13c07fcdc57a3c281bfd4
- SHA512
  
  9b691e1d2b70a2cffd7f06628e8d79a31b94c495a2f5a06e54166f3e714b2cee57eaa94407ae4c32e4eeccd5731a3710b27e5feaaf35de8844f4bd1be2ce72e5
Score

1^/10
behavioral13
- Target
  
  GoDm/.git/refs/heads/main
- Size
  
  41B
- MD5
  
  59ea721fe4bb27bff78e0c56b7e99513
- SHA1
  
  05188f2a28931ec3c202f541ce87e96cae29ebd1
- SHA256
  
  e00ce00bd9de597043ccf6f3bbeaa74356b8b53b940303c5e357d89f9b64c58c
- SHA512
  
  c81837fa881edeffe4b93a5cc306329ebf4af0345350846c6969361d99458ee7d1c4f482b1ed1af908dc306eea61a6cc7b2bd81dc60b2defca6167fc0fb7bae2
Score

1^/10
behavioral14
- Target
  
  GoDm/.git/refs/remotes/origin/HEAD
- Size
  
  30B
- MD5
  
  98b16e0b650190870f1b40bc8f4aec4e
- SHA1
  
  5ae7c22895c35af5f56ba1891a4dd62b4dc1f955
- SHA256
  
  2bb6a24aa0fc6c484100f5d51a29bbad841cd2c755f5d93faa204e5dbb4eb2b4
- SHA512
  
  9389d028754e6147cf04520f96de6d66cfa63e165eb8dd3069a900d9b6f4fde76e144e76afdf8a9af2e0f0988c0c674fe58a8d0662d63c0c634a284bbcc6d3c2
Score

1^/10
behavioral15
- Target
  
  GoDm/README.md
- Size
  
  4KB
- MD5
  
  31bfb3a1fa4da2bf02ddd08bea77a46d
- SHA1
  
  4ab528d3c44797fda9d8447abbf780f422b28950
- SHA256
  
  542469aa7c17ff018534973447a443c74556e5205fcfbd3c2fd1990b5b9ca6ad
- SHA512
  
  bb2dd79f61397dee90e6f8c6477902355bddc30178ac77f6d5d0bab3fa5139733afda5b2e445e41a706048f606a9a66a70228502935ea4c0caa5e9338880df04
- SSDEEP
  
  96:tYvBjF1sCbgbHox3zKZEfHlddMocz+JOz2nhtpdU9x1s1daKH:toFKWgbkzKZkd2ocahnex1Sd
Score

3^/10
behavioral16
- Target
  
  GoDm/client/connect.go
- Size
  
  7KB
- MD5
  
  0bfb48edda99afc6047229f4898e9108
- SHA1
  
  ac1118cc36fbfdb53cc687103f5160ff01748f88
- SHA256
  
  54da4513e9449ca20ac8a1438adc17ea28565c68ff8245e56a0ac577ec7e297f
- SHA512
  
  7b2abc95d4f9941ca84b50131be28a88863fd3978d09303352200e32dbf69adf6b570e1cc6c4175429a9cddb72719e0afbbd18f4db16e594d53aea8f50297b55
- SSDEEP
  
  192:GbEY4OEWJcJHgO5ZPG6t/PoDvtShlcitjcPb:gEY4O0wvtST/job
Score

3^/10
behavioral17
- Target
  
  GoDm/client/cookie.go
- Size
  
  2KB
- MD5
  
  3187ec86feb1003f3e2050822239a901
- SHA1
  
  692e2f65c85eae13800030870786f7ff665ec55c
- SHA256
  
  85fc39bcaf3a75383c0f5229a5e5081ee4cc8998feb9c6fd2efef504333c50d7
- SHA512
  
  74e3a8c884837ce8d310f1472248de66cae037e6343cff37285d5ca866e82f58ba58aa9a5d67f903bfe474a1e7abfe7a7331912792ebd3d23b202e51a8f4c744
Score

3^/10
behavioral18
- Target
  
  GoDm/client/errors.go
- Size
  
  2KB
- MD5
  
  9a9a96fa6335bd1f53dafb27a7591307
- SHA1
  
  7a7ca97f15850135566499cec516527d46157661
- SHA256
  
  ad818e30a307b282933a8fc9b3202c7d7dbf6761029153ee7a417760db7aebf9
- SHA512
  
  b236ab583e4c8e450233b7a69af855d1cb94064a0c66425f3357f139f2f2b051fe4582f80eb12b7d722e33975f51b23f539f3e71717a4afb8f8da9f2368eb439
Score

3^/10
behavioral19
- Target
  
  GoDm/config.json
- Size
  
  1004B
- MD5
  
  78c5a09d3d5c1ba09a9875d81a7a3454
- SHA1
  
  de00341c4f537fdcca0ceaf36e8492b2aaf3df89
- SHA256
  
  b76d9b49a4f15474bd02fa29022b48f06c2688cd8c93bf09a5577d437b7609ea
- SHA512
  
  ebe3b56a31b8537cc8c13d39b2c3a97b0ea307f5e63c7926ff17246ce57fe3ca4cdd00e8c9ac118538e39545b9562cc4348d15364d0466cc2beb81dab18f45e0
Score

3^/10
behavioral20
- Target
  
  GoDm/data/valid.txt
- Size
  
  2B
- MD5
  
  81051bcc2cf1bedf378224b0a93e2877
- SHA1
  
  ba8ab5a0280b953aa97435ff8946cbcbb2755a27
- SHA256
  
  7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
- SHA512
  
  1b302a2f1e624a5fb5ad94ddc4e5f8bfd74d26fa37512d0e5face303d8c40eee0d0ffa3649f5da43f439914d128166cb6c4774a7caa3b174d7535451eb697b5d
Score

1^/10
behavioral21
- Target
  
  GoDm/errors.txt
- Size
  
  2B
- MD5
  
  81051bcc2cf1bedf378224b0a93e2877
- SHA1
  
  ba8ab5a0280b953aa97435ff8946cbcbb2755a27
- SHA256
  
  7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
- SHA512
  
  1b302a2f1e624a5fb5ad94ddc4e5f8bfd74d26fa37512d0e5face303d8c40eee0d0ffa3649f5da43f439914d128166cb6c4774a7caa3b174d7535451eb697b5d
Score

1^/10
behavioral22
- Target
  
  GoDm/go.mod
- Size
  
  742B
- MD5
  
  dbf29b80c28efe845a6836bba5537801
- SHA1
  
  f2e9ded41346759149bb35e58a2000b88b91b329
- SHA256
  
  c273a49af6b3cc3a26790ee13978cd008e39945abaea46b5ce17e5582f5343a3
- SHA512
  
  eaa500ac014b67ce5b32383a24f74dd58774604df501fdb04599881b5073773dbb72051c504d85afa8e07a5551875d34932d48d17fbe3426be006eece487ef7d
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral23
- Target
  
  GoDm/go.sum
- Size
  
  4KB
- MD5
  
  fc5ee277747dd6d9d277b72aed8b7fbd
- SHA1
  
  8569d7c6de93947f3f7638c3e931675d140530b5
- SHA256
  
  4558d2f0415ebba570438ff88f77bd8975953ca9a30aa72a09d6febf8e946ddc
- SHA512
  
  711ea2dac117eda903834ec77e1054ddd7fb440bcf9ee5cea77087cdcedcebdf4282b74ec9fd53810c68898d5156973abd46a83bd8e15b5718c2e6a785b6fb98
- SSDEEP
  
  96:jBvb8dbmTMDRg/LQiM4hmRPPlhDdPlf+Ak9vAyOfrs76L+Ao4:jBuDYfM4hmRPPlLltk9YC766T4
Score

3^/10
behavioral24
- Target
  
  GoDm/scraper/scraper.go
- Size
  
  5KB
- MD5
  
  f9edf4daa3709e24671b4bd46aff8bae
- SHA1
  
  5e71f28e887a3a2f54479a4022700a05a88e6839
- SHA256
  
  e4c5613a50c42f8cc7c3c5e8a7ca8b16dd7e0da5910bc9ff7b71bdbad2a68643
- SHA512
  
  0d98b79b9db0ced7e304bb6b65b0418129f2e5770221d8fe4c98417e2547ebb4d7ad44ddfe14387b3b1531d928f4da677cee8075893d8f1295f1113dd9d30c6f
- SSDEEP
  
  96:XRhx6EPOJsRJzsdEygaSlEZCOYW0n89+3Nh0LN+zl1vkHoNvOPy:XRuEmddNSkCOz/9cNhMAfkINWPy
Score

3^/10
behavioral25
- Target
  
  GoDm/scraper/structs.go
- Size
  
  3KB
- MD5
  
  eb184df688d8a85fe618a07e025182eb
- SHA1
  
  89e5abcc49e03b019dd8a802d0ea340eaf3711b0
- SHA256
  
  f84e9e3c9d099b8c3bde26eebf56cc51c7201d373841e72c73688f75a0c3f3bb
- SHA512
  
  6d39386ef895abb18e3934c7e0c3fb39fb3a489930f71a66d1b4b29f1d9617edac5ee7a229bd1caab23156b3ae499c77d68e81f8228cf3140ba59fa31bdd0152
Score

3^/10
behavioral26
- Target
  
  GoDm/src/README.vendor
- Size
  
  17B
- MD5
  
  b6b4d410b2c056beb7044b9fe322188d
- SHA1
  
  103ffce0c8045c2a711c8ef9748a27498fcfbd56
- SHA256
  
  f78a9eb3a6ce2621a9588a0467db02b5f81acdb0130b3b2f3611c81fe4c2cad0
- SHA512
  
  4592fdd080ea4978992a2c086c659bcb9b9b51793fa89c5f53ffa25aa0b3c0bada3d028b5075ce11e381fa57cb2067aac9e49c3aff378e86de3fc19054f61d1e
Score

3^/10
behavioral27
- Target
  
  GoDm/src/client.go
- Size
  
  381B
- MD5
  
  f1bba574670092fd797729594793905b
- SHA1
  
  44f573a659a6a9dbbb11d9f4692c892dcb72e737
- SHA256
  
  ba8e89925a09654623bf9e465130a8e8c27bebb0fbb78a764b6d10f1eafe82c1
- SHA512
  
  caa4877104c3b507336d5e96790f7b014582e5d1ddd599ab4718556c2ae19cf239d060665b20df2133dc7c9927cd32bc2a0133644390e6318dc0dd275a2a27a1
Score

3^/10
behavioral28
- Target
  
  GoDm/src/headers.go
- Size
  
  15KB
- MD5
  
  e6877883e1a34972e90fe000f8ab73e6
- SHA1
  
  ec8ceec6ee2c2f6c9f466e6f3b159c289bdfaa2e
- SHA256
  
  fe771d7a1b3ccd80c66ebd03b8727333de84a92c5b2c633086b1b6c71e96bb1c
- SHA512
  
  aae5f51cc6f984f7e126f15d7484e9dc3d0b5b897ba44c03dab985e1ebcc898fdb80e0b659d8ed83e4c370ea7dace7d3b14a4d9f75d9864c62334ebc96342631
- SSDEEP
  
  384:g9xZ9xl9x4DxnexpPxTi9xtGKMGKUmxFTxnTxZ6x+:Y9Js2fitMNbN4+
Score

3^/10
behavioral29
- Target
  
  GoDm/src/massdm.go
- Size
  
  10KB
- MD5
  
  2e6a057f075a6fa29007250de4d7b137
- SHA1
  
  f7049f15d0081f1ece6ffcf4cf229c2a1b3ab105
- SHA256
  
  e3080fc2c1eb6cd384ccef5fd4fdf6faebe6d1e8b02f6d19203ee2188264e22f
- SHA512
  
  af83ef08d7f4b382cd2d53fb9f282399721f86cbe5a96e2365f66e0a20f16a35469ce64ff576f9b7c423971b3467e752012f73953fde6bfe158a274a5285870c
- SSDEEP
  
  192:gpfl4+wtiovuhB5qwiNbvmxqqu8NiqVZRmG+y:gbfovuhB5q5ht8iqV/mG/
Score

3^/10
behavioral30
- Target
  
  GoDm/src/modules.go
- Size
  
  14KB
- MD5
  
  887f8942d3dbc99bee5e59d281009949
- SHA1
  
  f207f39a5415b015030e2973c44630d0433d90d4
- SHA256
  
  63d0a3fee476a8d66c455a496f3a5fa4dd0325e6dc42c7cb3be65d54e00f7f2a
- SHA512
  
  c9e3385cd231c952cebbe4032ae1e4b207cd0064d03d68642e9d575032d0cc616447d29e05faa88b29f4a4c38523bf9e8eb2bd6d198c8b3507cd7501d92976bf
- SSDEEP
  
  192:ieceLNK8T84D14yKvUdkagraQNWeJ4krurj6EZ3j9jwKlEFYdtN7fGe4v:RcEpT88wcfQNWVSynVTNT94v
Score

1^/10
behavioral31
- Target
  
  GoDm/src/structs.go
- Size
  
  8KB
- MD5
  
  57ee28583a75357f1ca926eb61fe4757
- SHA1
  
  0a093cb7f586357c9e61b7daee8084229db3ae52
- SHA256
  
  a409e3e0b1ef8a0eade566867973f4ce239e6c44ec2533135ae14150391bfa12
- SHA512
  
  43e9be9db8757bb7f868e4a7072b835ae3aabaf2ca31b864166cacfd40bc006c6425960b1a6d3685b040314b967fde69e70ef80c41ec60ef9e4368e7f12e9910
- SSDEEP
  
  192:YrCB2F1EJW9fmfpuXFfKdO7L+koFPTWDoFxAlt746NLWoj:SCB2FyW9fmhuXFWkoLkDWoj
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32