dd43252cb57009557a4438f4e629ac2c5e90f2fd7958512fb7ed4ee96c70f663 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-10_948a82116aedd55bc511405977af66e9_goldeneye
Size

408KB
Sample

240810-cdhrya1apl
MD5

948a82116aedd55bc511405977af66e9
SHA1

90766798b5d212ce7102082167443d8f51e4552e
SHA256

dd43252cb57009557a4438f4e629ac2c5e90f2fd7958512fb7ed4ee96c70f663
SHA512

c5d95c333643426b47c5998c11176cda3d062e4f7428d5a8d784e392895333c493131c86c6805fe8ddb90850353080a517e83f16fd9ea118f4298135717a0b9d
SSDEEP

3072:CEGh0oMl3OiNOe2MUVg3bHrH/HqOYGte+rcC4F0fJGRIS8Rfd7eQEcGcrTutTBf3:CEGaldOe2MUVg3vTeKcAEciTBqr3jy

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  2024-08-10_948a82116aedd55bc511405977af66e9_goldeneye
- Size
  
  408KB
- MD5
  
  948a82116aedd55bc511405977af66e9
- SHA1
  
  90766798b5d212ce7102082167443d8f51e4552e
- SHA256
  
  dd43252cb57009557a4438f4e629ac2c5e90f2fd7958512fb7ed4ee96c70f663
- SHA512
  
  c5d95c333643426b47c5998c11176cda3d062e4f7428d5a8d784e392895333c493131c86c6805fe8ddb90850353080a517e83f16fd9ea118f4298135717a0b9d
- SSDEEP
  
  3072:CEGh0oMl3OiNOe2MUVg3bHrH/HqOYGte+rcC4F0fJGRIS8Rfd7eQEcGcrTutTBf3:CEGaldOe2MUVg3vTeKcAEciTBqr3jy
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence