gink | 17ca9aae34888dead6d605575f3114079d8053e76e1f48e3abcfd26431c18453 | Triage

Sharing

General

Target

17ca9aae34888dead6d605575f3114079d8053e76e1f48e3abcfd26431c18453N.exe
Size

37KB
Sample

250103-1ext9axldq
MD5

6b9b993fecb9f1d100ac4865204308e0
SHA1

7234e455f0251b84f8422ada6b60f8fbba0b4e50
SHA256

17ca9aae34888dead6d605575f3114079d8053e76e1f48e3abcfd26431c18453
SHA512

da98d54559387a5bacb47d7c373c3d43311c91636253cb3173fa622760d4f5e0aeb8352b8996a854c38b37e4ee6b27794a1aa753169582526a6736f5b3dd39eb
SSDEEP

384:+iES2vYc0SYQB5YrxwV2zAK9+V68j0lKF94RmRRnnI8I2D:+iEqc0CjVoY0lKF607nI8N

Score

10^/10

gink discovery persistence worm

Malware Config

Targets

- Target
  
  17ca9aae34888dead6d605575f3114079d8053e76e1f48e3abcfd26431c18453N.exe
- Size
  
  37KB
- MD5
  
  6b9b993fecb9f1d100ac4865204308e0
- SHA1
  
  7234e455f0251b84f8422ada6b60f8fbba0b4e50
- SHA256
  
  17ca9aae34888dead6d605575f3114079d8053e76e1f48e3abcfd26431c18453
- SHA512
  
  da98d54559387a5bacb47d7c373c3d43311c91636253cb3173fa622760d4f5e0aeb8352b8996a854c38b37e4ee6b27794a1aa753169582526a6736f5b3dd39eb
- SSDEEP
  
  384:+iES2vYc0SYQB5YrxwV2zAK9+V68j0lKF94RmRRnnI8I2D:+iEqc0CjVoY0lKF607nI8N
Score

10^/10

gink discovery persistence worm
- Gink
  worm gink
- Gink family
  gink
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ginkdiscoverypersistenceworm

behavioral2

ginkdiscoverypersistenceworm