gink | 5b322d38e272ae35d9c8ad64718aaf7be68050b7eb52ae96ba58d6db3b7bff39 | Triage

Sharing

General

Target

5b322d38e272ae35d9c8ad64718aaf7be68050b7eb52ae96ba58d6db3b7bff39N.exe
Size

37KB
Sample

241216-cjv98aykdv
MD5

7a1638a774dcb75c4b307fd628bbb490
SHA1

dbc438cd522c531001da2a1694c8eb338aaddac8
SHA256

5b322d38e272ae35d9c8ad64718aaf7be68050b7eb52ae96ba58d6db3b7bff39
SHA512

e2089b26eae633d69c3c16b8ba98990039661408068dba5eef7c982b66e10ed67cc5ec4accd3d42d7344efa4827e682f7e0e22a2febe8042983f80392cbee924
SSDEEP

384:YqAejExCYUuI+pKOiBg406/2J0PtohDIYcPTuSBRdWlyEwzpQ44d0JnI8Zgt:SejExC5XEu06NYINfBR/s44SdI8Zgt

Score

10^/10

gink discovery persistence worm

Malware Config

Targets

- Target
  
  5b322d38e272ae35d9c8ad64718aaf7be68050b7eb52ae96ba58d6db3b7bff39N.exe
- Size
  
  37KB
- MD5
  
  7a1638a774dcb75c4b307fd628bbb490
- SHA1
  
  dbc438cd522c531001da2a1694c8eb338aaddac8
- SHA256
  
  5b322d38e272ae35d9c8ad64718aaf7be68050b7eb52ae96ba58d6db3b7bff39
- SHA512
  
  e2089b26eae633d69c3c16b8ba98990039661408068dba5eef7c982b66e10ed67cc5ec4accd3d42d7344efa4827e682f7e0e22a2febe8042983f80392cbee924
- SSDEEP
  
  384:YqAejExCYUuI+pKOiBg406/2J0PtohDIYcPTuSBRdWlyEwzpQ44d0JnI8Zgt:SejExC5XEu06NYINfBR/s44SdI8Zgt
Score

10^/10

gink discovery persistence worm
- Gink
  worm gink
- Gink family
  gink
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ginkdiscoverypersistenceworm

behavioral2

ginkdiscoverypersistenceworm