182095df0690896c1b2b6f29e44dffd0111a326d0b2deb3cac75add691ced11e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-05_a4825eef91642cac211404f299e89109_goldeneye
Size

372KB
Sample

240805-mp4tnatelj
MD5

a4825eef91642cac211404f299e89109
SHA1

419d84652bd7f41c1b52e0a030434678ef4d0e60
SHA256

182095df0690896c1b2b6f29e44dffd0111a326d0b2deb3cac75add691ced11e
SHA512

1d1b72c8fed180674a19c84ca682d646cb724ca9c3d0a38893007f584e87280d98ed7da790218bb6795dfd3823c316ff0c4f75ce24d0baf16453ec9e8ac7087c
SSDEEP

3072:CEGh0owlMOiNOe2MUVg3bHrH/HqOYGte+rcC4F0fJGRIS8Rfd7eQEcGcrTutTBfM:CEGilkOe2MUVg3vTeKcAEciTBqr3

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  2024-08-05_a4825eef91642cac211404f299e89109_goldeneye
- Size
  
  372KB
- MD5
  
  a4825eef91642cac211404f299e89109
- SHA1
  
  419d84652bd7f41c1b52e0a030434678ef4d0e60
- SHA256
  
  182095df0690896c1b2b6f29e44dffd0111a326d0b2deb3cac75add691ced11e
- SHA512
  
  1d1b72c8fed180674a19c84ca682d646cb724ca9c3d0a38893007f584e87280d98ed7da790218bb6795dfd3823c316ff0c4f75ce24d0baf16453ec9e8ac7087c
- SSDEEP
  
  3072:CEGh0owlMOiNOe2MUVg3bHrH/HqOYGte+rcC4F0fJGRIS8Rfd7eQEcGcrTutTBfM:CEGilkOe2MUVg3vTeKcAEciTBqr3
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence