General
Target: gold.exe
Size: 342KB
Sample: 240629-2xxsmsydpg
MD5: b769a45330b8bb61879f95faab68a297
SHA1: 085bab79dba61f06651d9904a0966059678f7abb
SHA256: c18119713c678bbea78db54da4099ec7c5ff05e06b9c2904f08e9a2bca0219aa
SHA512: 2841523621dfc463d6256fc6b91daec3861d61e8122b8b912c0da4642d721ad34aca6a8dce8deabcf46d3bfc7f31ceca7bef743ecfe4ea1b0378c28f6b8ca30d
SSDEEP: 6144:fsBkCMuffjLfszRU97qtC9iSxHdP5wpSga10RMm5agGUn4lshyfS0W6yVqtAknTv:fsBkhuHjLEz6JifSJdP5wp/a1KvGkNhY
Static task: static1
Behavioral task: behavioral1
Sample: gold.exe
Resource: win7-20240611-en
Malware Config
Targets
Target: gold.exe
Score: 10/10
Executes dropped EXE
Adds Run key to start application
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1