golddragon | 70298c1bfc6b8e07c0600f9264712211bcc7b57b28853d8143f249639cdf6569 | Triage

Submit
Reports

Overview

overview

Static

static

dd15c9f266...18.exe

windows7-x64

dd15c9f266...18.exe

windows10-2004-x64

Sharing

General

Target

dd15c9f2669bce96098b3f7fa791c87d_JaffaCakes118
Size

487KB
Sample

240912-1cgp9awblm
MD5

dd15c9f2669bce96098b3f7fa791c87d
SHA1

51d4122fa2c6ba1fea93845b28f5f872fe64d394
SHA256

70298c1bfc6b8e07c0600f9264712211bcc7b57b28853d8143f249639cdf6569
SHA512

f26aa6c7375af8fee7d6508dec9d8505f82fdab424bc76fbc6a02919101ccbde059b73d1c4ae1e49f2e252b6f07c4091882674a5cfb039988a68d8f638c8cb23
SSDEEP

6144:GJcYEPPdIzQ9rlg2kYVyn0Zdf6EN3D3StNynyS/fvT:GpgazGxVy0jf1Zz

Score

10^/10

golddragon backdoor discovery

Static task

static1

backdoor golddragon

3 signatures

Behavioral task

behavioral1

Sample

dd15c9f2669bce96098b3f7fa791c87d_JaffaCakes118.exe

Resource

win7-20240704-en

golddragon backdoor discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

dd15c9f2669bce96098b3f7fa791c87d_JaffaCakes118.exe

Resource

win10v2004-20240802-en

golddragon backdoor discovery

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  dd15c9f2669bce96098b3f7fa791c87d_JaffaCakes118
- Size
  
  487KB
- MD5
  
  dd15c9f2669bce96098b3f7fa791c87d
- SHA1
  
  51d4122fa2c6ba1fea93845b28f5f872fe64d394
- SHA256
  
  70298c1bfc6b8e07c0600f9264712211bcc7b57b28853d8143f249639cdf6569
- SHA512
  
  f26aa6c7375af8fee7d6508dec9d8505f82fdab424bc76fbc6a02919101ccbde059b73d1c4ae1e49f2e252b6f07c4091882674a5cfb039988a68d8f638c8cb23
- SSDEEP
  
  6144:GJcYEPPdIzQ9rlg2kYVyn0Zdf6EN3D3StNynyS/fvT:GpgazGxVy0jf1Zz
Score

10^/10

golddragon backdoor discovery
- GoldDragon
  GoldDragon is a second-stage backdoor attributed to Kimsuky.
  backdoor golddragon
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoorgolddragon

behavioral1

golddragonbackdoordiscovery

behavioral2

golddragonbackdoordiscovery

© 2018-2025

Terms | Privacy