c10f26bbcca25dd6172ca3b0ec09a8d67f37d0879e2947c13e06e840fdc9395b | Triage

Sharing

General

Target

c10f26bbcca25dd6172ca3b0ec09a8d67f37d0879e2947c13e06e840fdc9395b
Size

495KB
Sample

191025-exgsf1vn1x
MD5

0a6bddf51a61a980e0aaa0eac78feb16
SHA1

8e17bd3ffc27d179392a2d1f9d4c701c89527209
SHA256

c10f26bbcca25dd6172ca3b0ec09a8d67f37d0879e2947c13e06e840fdc9395b
SHA512

75ef931668e3dac111682f614c09d3ce311e5cb472a75cb5ad1737c0e0ddbe5b37b6381a07de535a6c7444b2d1147ad2ecf4581922f524358934b7754030344e

Score

7^/10

Malware Config

Targets

- Target
  
  c10f26bbcca25dd6172ca3b0ec09a8d67f37d0879e2947c13e06e840fdc9395b
- Size
  
  495KB
- MD5
  
  0a6bddf51a61a980e0aaa0eac78feb16
- SHA1
  
  8e17bd3ffc27d179392a2d1f9d4c701c89527209
- SHA256
  
  c10f26bbcca25dd6172ca3b0ec09a8d67f37d0879e2947c13e06e840fdc9395b
- SHA512
  
  75ef931668e3dac111682f614c09d3ce311e5cb472a75cb5ad1737c0e0ddbe5b37b6381a07de535a6c7444b2d1147ad2ecf4581922f524358934b7754030344e
Score

7^/10
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
- Suspicious use of SetThreadContext
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2