gink | 6784f8efe4e5665146163b8789aa628561fa65508a5f9408da3ce4b4971e700d | Triage

Sharing

General

Target

6784f8efe4e5665146163b8789aa628561fa65508a5f9408da3ce4b4971e700dN.exe
Size

37KB
Sample

250102-et34xsvphn
MD5

23d0d6d2dbed090e5ca5bcc0c3b0a6f0
SHA1

eedb8a6d9ca3d6e1512e7aa938e7307a24b8c1d6
SHA256

6784f8efe4e5665146163b8789aa628561fa65508a5f9408da3ce4b4971e700d
SHA512

71b0538ab4d225c9bdf73dffa9fa450dbdd52ce7c30f5098d23f832ba9b975e34070da5bcd18af2f7077153066c57334d5efb70250e1e37bf38cdc11f3b70385
SSDEEP

384:NWSe7kGzpamkGOJBujjzXmysBhu8j5XJkYnI8x:kS7GzpRkujzXmyyltXOyI8x

Score

10^/10

gink discovery persistence worm

Malware Config

Targets

- Target
  
  6784f8efe4e5665146163b8789aa628561fa65508a5f9408da3ce4b4971e700dN.exe
- Size
  
  37KB
- MD5
  
  23d0d6d2dbed090e5ca5bcc0c3b0a6f0
- SHA1
  
  eedb8a6d9ca3d6e1512e7aa938e7307a24b8c1d6
- SHA256
  
  6784f8efe4e5665146163b8789aa628561fa65508a5f9408da3ce4b4971e700d
- SHA512
  
  71b0538ab4d225c9bdf73dffa9fa450dbdd52ce7c30f5098d23f832ba9b975e34070da5bcd18af2f7077153066c57334d5efb70250e1e37bf38cdc11f3b70385
- SSDEEP
  
  384:NWSe7kGzpamkGOJBujjzXmysBhu8j5XJkYnI8x:kS7GzpRkujzXmyyltXOyI8x
Score

10^/10

gink discovery persistence worm
- Gink
  worm gink
- Gink family
  gink
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ginkdiscoverypersistenceworm

behavioral2

ginkdiscoverypersistenceworm