bb55766f4e5a638dbfb458013ba3e41f08bcbb066c11bf123ea2c825c365bb01 | Triage

Sharing

General

Target

bb55766f4e5a638dbfb458013ba3e41f08bcbb066c11bf123ea2c825c365bb01
Size

7.5MB
Sample

221125-lltnvabh8y
MD5

2c85516094c7c43a78531c088beca226
SHA1

80750dd8a8915896f2c4e35ad75a591f874da6e5
SHA256

bb55766f4e5a638dbfb458013ba3e41f08bcbb066c11bf123ea2c825c365bb01
SHA512

d65d2b399d5ff235382da57026cc251871e0ce21b6024e2670ea76f401b280c688cd5dffbca9ce1d540061e6e16270dd4043079be029501db9170493310d81ab
SSDEEP

196608:+wvscxVJ579xePIS8CABG+W6KzPOIWndPjggRG9Ed8:zkcxVJ5hx7S8dY+W6KrWndPjSE

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  bb55766f4e5a638dbfb458013ba3e41f08bcbb066c11bf123ea2c825c365bb01
- Size
  
  7.5MB
- MD5
  
  2c85516094c7c43a78531c088beca226
- SHA1
  
  80750dd8a8915896f2c4e35ad75a591f874da6e5
- SHA256
  
  bb55766f4e5a638dbfb458013ba3e41f08bcbb066c11bf123ea2c825c365bb01
- SHA512
  
  d65d2b399d5ff235382da57026cc251871e0ce21b6024e2670ea76f401b280c688cd5dffbca9ce1d540061e6e16270dd4043079be029501db9170493310d81ab
- SSDEEP
  
  196608:+wvscxVJ579xePIS8CABG+W6KzPOIWndPjggRG9Ed8:zkcxVJ5hx7S8dY+W6KrWndPjSE
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Modifies security service
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2