e3c78f35192777768b4458969911dee846c02e434b834a8a991b812d971a1828 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e3c78f35192777768b4458969911dee846c02e434b834a8a991b812d971a1828.bin
Size

1.1MB
Sample

230501-xjfvraga31
MD5

47b6eed76b21e33115ac422f2585b953
SHA1

15932693cb81744bff7ca6f6778ea4ccbc5961de
SHA256

e3c78f35192777768b4458969911dee846c02e434b834a8a991b812d971a1828
SHA512

fd64fa083e6db8fa80b936fc35b9217b335bb03ebff2970f3144bd0022f2289e2763f269e3b0960769107c314172bd0b7372a2face9c24e89b9cd451c4acc7c6
SSDEEP

24576:ryYD0+UOYmyBzXZgxN1SoQS24z4ojbDti6FXm8btD1JAoDD:eY4+gXz6xN1So7fz4KdpXL5LLD

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  e3c78f35192777768b4458969911dee846c02e434b834a8a991b812d971a1828.bin
- Size
  
  1.1MB
- MD5
  
  47b6eed76b21e33115ac422f2585b953
- SHA1
  
  15932693cb81744bff7ca6f6778ea4ccbc5961de
- SHA256
  
  e3c78f35192777768b4458969911dee846c02e434b834a8a991b812d971a1828
- SHA512
  
  fd64fa083e6db8fa80b936fc35b9217b335bb03ebff2970f3144bd0022f2289e2763f269e3b0960769107c314172bd0b7372a2face9c24e89b9cd451c4acc7c6
- SSDEEP
  
  24576:ryYD0+UOYmyBzXZgxN1SoQS24z4ojbDti6FXm8btD1JAoDD:eY4+gXz6xN1So7fz4KdpXL5LLD
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan