c52f39ab287adbb26711e985d28075252b354d25fd94eda22e212420bf7e902f | Triage

Sharing

General

Target

2024-09-07_b48bf5c068332e0be24f5bf7c8202c18_goldeneye
Size

344KB
Sample

240907-xpb4razalp
MD5

b48bf5c068332e0be24f5bf7c8202c18
SHA1

301c9e17d4c279e33911bbd3368c7dfb9943145f
SHA256

c52f39ab287adbb26711e985d28075252b354d25fd94eda22e212420bf7e902f
SHA512

ac820690df49c1c8434ae5804ae1b0d39effe9fc99329b3cc0ba3328869f538c193c7960cad232edad83425e438e7ef0bdf8c2372d4ce0ddef2af2b9c85740f7
SSDEEP

3072:mEGh0o3lEOiDOe2MUVg3bHrH/HqOYGb+4QnZZIne+rcC4F0fJGRIS8Rfd7eQEcGL:mEGtlqOe2MUVg3v2IneKcAEcA

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  2024-09-07_b48bf5c068332e0be24f5bf7c8202c18_goldeneye
- Size
  
  344KB
- MD5
  
  b48bf5c068332e0be24f5bf7c8202c18
- SHA1
  
  301c9e17d4c279e33911bbd3368c7dfb9943145f
- SHA256
  
  c52f39ab287adbb26711e985d28075252b354d25fd94eda22e212420bf7e902f
- SHA512
  
  ac820690df49c1c8434ae5804ae1b0d39effe9fc99329b3cc0ba3328869f538c193c7960cad232edad83425e438e7ef0bdf8c2372d4ce0ddef2af2b9c85740f7
- SSDEEP
  
  3072:mEGh0o3lEOiDOe2MUVg3bHrH/HqOYGb+4QnZZIne+rcC4F0fJGRIS8Rfd7eQEcGL:mEGtlqOe2MUVg3v2IneKcAEcA
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence