f8ea85979b2f891aba341ecf3a52b76960937328f8f0ae1e0d1461c063e007cb | Triage

Sharing

General

Target

f8ea85979b2f891aba341ecf3a52b76960937328f8f0ae1e0d1461c063e007cb
Size

934KB
Sample

230425-zhd1waeg3w
MD5

87d99debcc0869bf66674cd88cbbd4eb
SHA1

bf43e75e46d28a617a04ea90b2a21c81eba9b1a4
SHA256

f8ea85979b2f891aba341ecf3a52b76960937328f8f0ae1e0d1461c063e007cb
SHA512

dee618d641c80ee872b63cdb3e2f418615e770f998d82d6c554d17b1122d41e4dfc9534f3b5d32c512bcfce021986bc6a42df20b22b5c7cc585e857f353d6287
SSDEEP

12288:Gy90rnTC/w/wQDdoif8VapDsdG42WnQ22wX0XQIyXhUjnWTWxTXO4ar1R:GySCjQDtf8UIGjfwEXQ46kTXOVr1R

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  f8ea85979b2f891aba341ecf3a52b76960937328f8f0ae1e0d1461c063e007cb
- Size
  
  934KB
- MD5
  
  87d99debcc0869bf66674cd88cbbd4eb
- SHA1
  
  bf43e75e46d28a617a04ea90b2a21c81eba9b1a4
- SHA256
  
  f8ea85979b2f891aba341ecf3a52b76960937328f8f0ae1e0d1461c063e007cb
- SHA512
  
  dee618d641c80ee872b63cdb3e2f418615e770f998d82d6c554d17b1122d41e4dfc9534f3b5d32c512bcfce021986bc6a42df20b22b5c7cc585e857f353d6287
- SSDEEP
  
  12288:Gy90rnTC/w/wQDdoif8VapDsdG42WnQ22wX0XQIyXhUjnWTWxTXO4ar1R:GySCjQDtf8UIGjfwEXQ46kTXOVr1R
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan