Overview

overview

6

Static

static

1

GetGoDMWeb...er.exe

windows7-x64

6

GetGoDMWeb...er.exe

windows10-2004-x64

6

$TEMP/GetG...nt.exe

windows7-x64

6

$TEMP/GetG...nt.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    GetGoDMWebInstaller.exe

  • Size

    1.2MB

  • Sample

    240808-yvw7jssfkb

  • MD5

    aed283d0b46486c01632fb3084b38d3b

  • SHA1

    78d8fe507340ffc7fc61924b91410bb8dc08e327

  • SHA256

    b738c41b8edaed371228bc720f93e0ae5948084e62738dbd2f7d5de2ddfe2a3b

  • SHA512

    463a1851fb5c87261cd3f72e7154fd31461166d12e7b482cf651bd800cc1662555b18e38962f7678796a2f4198654571fbded5e3e061f4695861b4cce1033346

  • SSDEEP

    24576:6UUfyV/OwlPEZTHBGR3JXlxXnr4s8cdckgrD+XWNW8LQSK:68/rlPEhURZVF4sDxgr08PLK

Score
6/10
discovery

Malware Config

Targets

    • Target

      GetGoDMWebInstaller.exe

    • Size

      1.2MB

    • MD5

      aed283d0b46486c01632fb3084b38d3b

    • SHA1

      78d8fe507340ffc7fc61924b91410bb8dc08e327

    • SHA256

      b738c41b8edaed371228bc720f93e0ae5948084e62738dbd2f7d5de2ddfe2a3b

    • SHA512

      463a1851fb5c87261cd3f72e7154fd31461166d12e7b482cf651bd800cc1662555b18e38962f7678796a2f4198654571fbded5e3e061f4695861b4cce1033346

    • SSDEEP

      24576:6UUfyV/OwlPEZTHBGR3JXlxXnr4s8cdckgrD+XWNW8LQSK:68/rlPEhURZVF4sDxgr08PLK

    Score
    6/10
    discovery

    • Downloads MZ/PE file

    behavioral1behavioral2

    • Target

      $TEMP/GetGoWIClient.exe

    • Size

      2.3MB

    • MD5

      fde1847d72ceccceea496380cd878b4c

    • SHA1

      63defcfc407ec98a304ff0bdcb59bd592cb8bdc6

    • SHA256

      b39ecd94f3e37e4c85471f40690c4570cdc8b8d317dfff8e596b3b352a7a5730

    • SHA512

      1cd5c67ea0411d80069906116b0589645aa33f9824489c10d89509693534998c29a4b6ad556c64c3eade99a72a6ed7ecd0d64dd896bdc7cc7414af4dc151d3c9

    • SSDEEP

      49152:jz1Bq3YT9UXfssrVubPA/SMBtEsbdtwB/lmt3U:NE3g2X9rVubPCSMHEsbdtdq

    Score
    6/10
    discovery

    • Downloads MZ/PE file

    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

System Location Discovery

2
T1614

System Language Discovery

2
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks