cf8047d4cc968984abac31c651812624f934d6a0a246e13aa6439efc15a76437 | Triage

Sharing

General

Target

goop.exe
Size

26KB
Sample

240529-fqtxhsbc9w
MD5

c731fe3c96d4c99b5e0bbfbf0beddcbd
SHA1

1755196df713731e92da7aef8039f958600966d1
SHA256

cf8047d4cc968984abac31c651812624f934d6a0a246e13aa6439efc15a76437
SHA512

72d2cb9d130266b4baa95ac907b578d51fc6d9b8c085fdded861d34933c9a4361e73ca4820e849d34099ad67468899e2e3a37a09bc93b07dab194f0c213d4c7e
SSDEEP

768:sEHP8yBrsBn3HQVOaqM41v1XbV9egm3Hrdd:sEHP8yBrsyIrTXeX3X

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  goop.exe
- Size
  
  26KB
- MD5
  
  c731fe3c96d4c99b5e0bbfbf0beddcbd
- SHA1
  
  1755196df713731e92da7aef8039f958600966d1
- SHA256
  
  cf8047d4cc968984abac31c651812624f934d6a0a246e13aa6439efc15a76437
- SHA512
  
  72d2cb9d130266b4baa95ac907b578d51fc6d9b8c085fdded861d34933c9a4361e73ca4820e849d34099ad67468899e2e3a37a09bc93b07dab194f0c213d4c7e
- SSDEEP
  
  768:sEHP8yBrsBn3HQVOaqM41v1XbV9egm3Hrdd:sEHP8yBrsyIrTXeX3X
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Use of msiexec (install) with remote resource
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2