gink | ce88553dd337a6a2b277499fcf00b6b3ea2b0854f5aeb2620bfdaa8b5e2be589 | Triage

Sharing

General

Target

ce88553dd337a6a2b277499fcf00b6b3ea2b0854f5aeb2620bfdaa8b5e2be589.exe
Size

34KB
Sample

240523-r5b6sseg5v
MD5

572a8f74645196f80d289c67fdb7a400
SHA1

de0f5ed3b8350285b0c281a3f7682e7677583282
SHA256

ce88553dd337a6a2b277499fcf00b6b3ea2b0854f5aeb2620bfdaa8b5e2be589
SHA512

5f02f5ab986991a0bbf1ffdaa39acb824df023d7185e2239ca5fcd713ae55a7779a03978a3bb1dbc7c5d1f5f92e2f69187cbdea5ba9feeb40aff22d10f860c62
SSDEEP

384:U6Lz0OyPaGPbG8FecNrgzbUFPlfRNefMfNq8UTCKWRzpeancfKykJIyfgS9/V+iy:U6Lo1RPbPFHRgzwFPlf/efMTTdI8W

Score

10^/10

gink persistence worm

Malware Config

Targets

- Target
  
  ce88553dd337a6a2b277499fcf00b6b3ea2b0854f5aeb2620bfdaa8b5e2be589.exe
- Size
  
  34KB
- MD5
  
  572a8f74645196f80d289c67fdb7a400
- SHA1
  
  de0f5ed3b8350285b0c281a3f7682e7677583282
- SHA256
  
  ce88553dd337a6a2b277499fcf00b6b3ea2b0854f5aeb2620bfdaa8b5e2be589
- SHA512
  
  5f02f5ab986991a0bbf1ffdaa39acb824df023d7185e2239ca5fcd713ae55a7779a03978a3bb1dbc7c5d1f5f92e2f69187cbdea5ba9feeb40aff22d10f860c62
- SSDEEP
  
  384:U6Lz0OyPaGPbG8FecNrgzbUFPlfRNefMfNq8UTCKWRzpeancfKykJIyfgS9/V+iy:U6Lo1RPbPFHRgzwFPlf/efMTTdI8W
Score

10^/10

gink persistence worm
- Gink
  worm gink
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ginkpersistenceworm

behavioral2

ginkpersistenceworm