39ebe26486ffc1198f4995d7060e77c0c13cc52a84a13002735decb2a6ae0e7e | Triage

Sharing

General

Target

2024-11-21_6f3518815a4556a1edb0c30430ed1a17_goldeneye
Size

408KB
Sample

241121-eqx4hatjek
MD5

6f3518815a4556a1edb0c30430ed1a17
SHA1

d092b17682bbc9937060f3b6fc66cb821d1eb51e
SHA256

39ebe26486ffc1198f4995d7060e77c0c13cc52a84a13002735decb2a6ae0e7e
SHA512

8e2a112ee9534d7364e150934a1ed002074a1fdf1f23f67fa3d94ad42b2b616e3c79f617c44a7ab22cbf614b039d223a3a5b550edee95bfe91da536b409e3233
SSDEEP

3072:CEGh0oBl3OiNOe2MUVg3bHrH/HqOYGte+rcC4F0fJGRIS8Rfd7eQEcGcrTutTBf3:CEGnldOe2MUVg3vTeKcAEciTBqr3jy

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  2024-11-21_6f3518815a4556a1edb0c30430ed1a17_goldeneye
- Size
  
  408KB
- MD5
  
  6f3518815a4556a1edb0c30430ed1a17
- SHA1
  
  d092b17682bbc9937060f3b6fc66cb821d1eb51e
- SHA256
  
  39ebe26486ffc1198f4995d7060e77c0c13cc52a84a13002735decb2a6ae0e7e
- SHA512
  
  8e2a112ee9534d7364e150934a1ed002074a1fdf1f23f67fa3d94ad42b2b616e3c79f617c44a7ab22cbf614b039d223a3a5b550edee95bfe91da536b409e3233
- SSDEEP
  
  3072:CEGh0oBl3OiNOe2MUVg3bHrH/HqOYGte+rcC4F0fJGRIS8Rfd7eQEcGcrTutTBf3:CEGnldOe2MUVg3vTeKcAEciTBqr3jy
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence