Resubmissions

  20-06-2024 20:38   240620-ze8fbawfqb   score 7
  03-06-2024 00:43   240603-a3eepsec73   score 10

General

  • Target: goggle.com trojan.exe
  • Size: 18.1MB
  • Sample: 240620-ze8fbawfqb
  • MD5: cde9ef7ddb7296fcfb8e1212b91c2eb0
  • SHA1: ff642c027aaf198356d5878db24ec9d0aec03118
  • SHA256: 361c5ca1db8ea24f3a773cddcddbcbaebd845432dcd12e180bfd975114366f28
  • SHA512: 45bdf680fab9883c8d42e7258efdfdb74e2a0502a999055f5f4c8fbac87b0f4666ade841d5aab7cbccff10897de75b0cbc33fef4f3f1963d5c1c30704119d616
  • SSDEEP: 393216:9SiyEBhx7QN5oXE45QhcrOXHdHiLCgfWwI:9SibhxU545Qj3sLCgfBI

Score
7/10

Malware Config

Targets

    • Target: goggle.com trojan.exe
    • Size: 18.1MB

    Score
    7/10

    • Drops startup file
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with UPX, or with a modified build of the open-source UPX packer.
    • Adds Run key to start application
    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

Tactic                 ID          Technique                             Count
Persistence            T1547       Boot or Logon Autostart Execution     1
Persistence            T1547.001   Registry Run Keys / Startup Folder    1
Privilege Escalation   T1547       Boot or Logon Autostart Execution     1
Privilege Escalation   T1547.001   Registry Run Keys / Startup Folder    1
Defense Evasion        T1112       Modify Registry                       3
Defense Evasion        T1553       Subvert Trust Controls                1
Defense Evasion        T1553.004   Install Root Certificate              1
Discovery              T1082       System Information Discovery          1
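The behaviours the signatures and the matrix record (a Run key written, a file dropped into System32, a dropped EXE then executed) are what an endpoint detection would look for in Sysmon telemetry. The following is an added example, not the sandbox's signature code: it runs over a handful of constructed Sysmon-style events (event IDs 1, 11 and 13) embedded inline, correlates file drops with later process creations, and labels hits with the ATT&CK IDs the matrix above lists. Every path, the registry value name "Updater" and the dropped file name are made up for illustration; only the sample's file name comes from the report.

```python
import json
import re

# Constructed Sysmon-style events (1 = process create, 11 = file create,
# 13 = registry value set), one JSON object per line. Paths, the dropped
# file name and the value name are invented for this example.
SAMPLE_EVENTS = r"""
{"EventID": 1,  "Image": "C:\\Users\\user\\Desktop\\goggle.com trojan.exe", "ParentImage": "C:\\Windows\\explorer.exe"}
{"EventID": 11, "Image": "C:\\Users\\user\\Desktop\\goggle.com trojan.exe", "TargetFilename": "C:\\Windows\\System32\\dropped.exe"}
{"EventID": 13, "Image": "C:\\Users\\user\\Desktop\\goggle.com trojan.exe", "TargetObject": "HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater", "Details": "C:\\Windows\\System32\\dropped.exe"}
{"EventID": 1,  "Image": "C:\\Windows\\System32\\dropped.exe", "ParentImage": "C:\\Users\\user\\Desktop\\goggle.com trojan.exe"}
{"EventID": 11, "Image": "C:\\Windows\\explorer.exe", "TargetFilename": "C:\\Users\\user\\Documents\\notes.txt"}
{"EventID": 13, "Image": "C:\\Windows\\System32\\svchost.exe", "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden", "Details": "DWORD (0x00000001)"}
"""

# Run and RunOnce under any hive (HKLM, HKCU, HKU\<sid>) count as T1547.001.
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
STARTUP_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)
SYSTEM32_RE = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)


def parse_events(text: str) -> list:
    """One JSON object per line; blank lines are skipped."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect(events: list) -> list:
    """Map events to the report's signature names. File drops are remembered
    by path so that a later process creation from that path is flagged as
    'Executes dropped EXE'."""
    dropped = {}        # lower-cased dropped path -> image that wrote it
    findings = []

    def hit(signature, technique, ev, evidence):
        findings.append({"signature": signature, "technique": technique,
                         "image": ev.get("Image", ""), "evidence": evidence})

    for ev in events:
        eid = ev.get("EventID")
        if eid == 11:
            target = ev.get("TargetFilename", "")
            dropped[target.lower()] = ev.get("Image", "")
            if SYSTEM32_RE.match(target):
                hit("Drops file in System32 directory", None, ev, target)
            if STARTUP_RE.search(target):
                hit("Drops startup file", "T1547.001", ev, target)
        elif eid == 13:
            key = ev.get("TargetObject", "")
            if RUN_KEY_RE.search(key):
                hit("Adds Run key to start application", "T1547.001", ev,
                    f"{key} = {ev.get('Details', '')}")
        elif eid == 1:
            image = ev.get("Image", "")
            if image.lower() in dropped:
                hit("Executes dropped EXE", None, ev,
                    f"dropped by {dropped[image.lower()]}")
    return findings


def run_demo() -> list:
    return detect(parse_events(SAMPLE_EVENTS))


if __name__ == "__main__":
    for f in run_demo():
        print(f"[{f['technique'] or '-'}] {f['signature']}: {f['image']} -> {f['evidence']}")
```

The correlation is deliberately keyed on the file path rather than on the writing process, because the sample's chain has the dropped file launched by the dropper itself; in real telemetry you would also want to key on ProcessGuid so a drop and an execution from two unrelated processes are not conflated. Writes to Run keys by installers are common, so the Run key rule alone is a candidate for allow-listing rather than an alert on its own.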

Tasks