d03c843490124f40cf12e9cf9ceb3435d564b4b58ad6eecc04046476dc27d29a | Triage

Submit
Reports

Overview

overview

Static

static

ea785ebe3c...67.exe

windows7_x64

ea785ebe3c...67.exe

windows10_x64

Sharing

General

Target

ea785ebe3cb6409d9fed610f8c21f967.exe
Size

57KB
Sample

211021-wmge1sbebm
MD5

ea785ebe3cb6409d9fed610f8c21f967
SHA1

e76264063483ead9d65cfe31ba12282b7d95edba
SHA256

d03c843490124f40cf12e9cf9ceb3435d564b4b58ad6eecc04046476dc27d29a
SHA512

1adfd2246fd3f6749cce3348a12558594ab693c1d40e6cfbf1f3f42c855a89518bc2750958d28d8d43b4df28213d6f6e8ff34638a8f2e805b9e550ce86300daf

Score

10^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

ea785ebe3cb6409d9fed610f8c21f967.exe

Resource

win7-en-20211014

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ea785ebe3cb6409d9fed610f8c21f967.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ea785ebe3cb6409d9fed610f8c21f967.exe
- Size
  
  57KB
- MD5
  
  ea785ebe3cb6409d9fed610f8c21f967
- SHA1
  
  e76264063483ead9d65cfe31ba12282b7d95edba
- SHA256
  
  d03c843490124f40cf12e9cf9ceb3435d564b4b58ad6eecc04046476dc27d29a
- SHA512
  
  1adfd2246fd3f6749cce3348a12558594ab693c1d40e6cfbf1f3f42c855a89518bc2750958d28d8d43b4df28213d6f6e8ff34638a8f2e805b9e550ce86300daf
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Turns off Windows Defender SpyNet reporting
  evasion
- Windows security bypass
  evasion trojan
- Nirsoft
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy