f1a471b89b4f820b3c39f8f43da8cb178b206afcec31ffa8469ecfbaa1b1ce4c | Triage

Sharing

General

Target

f1a471b89b4f820b3c39f8f43da8cb178b206afcec31ffa8469ecfbaa1b1ce4c.bin
Size

1.3MB
Sample

230501-xy6pqagh5z
MD5

6be8469f2c203bbe1abcacfad9b6d445
SHA1

f78ff2021ebd6adf9d8794981c3d49c5f50d2d56
SHA256

f1a471b89b4f820b3c39f8f43da8cb178b206afcec31ffa8469ecfbaa1b1ce4c
SHA512

dcf1159608ef47db3a052883f4538c082a630a3011a9f53a624703dd6caa2e86804d2d264096233a545e0c68ab6845e053418292caa906ef140d24183323f889
SSDEEP

24576:2IKq5dNtV7We2GWqerZwO7Fk8YxeU5F8Si5LO+rImHhAs4ew2Hk4Q:2I/NKeU1ZwO+eUv8Sima5u4

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  f1a471b89b4f820b3c39f8f43da8cb178b206afcec31ffa8469ecfbaa1b1ce4c.bin
- Size
  
  1.3MB
- MD5
  
  6be8469f2c203bbe1abcacfad9b6d445
- SHA1
  
  f78ff2021ebd6adf9d8794981c3d49c5f50d2d56
- SHA256
  
  f1a471b89b4f820b3c39f8f43da8cb178b206afcec31ffa8469ecfbaa1b1ce4c
- SHA512
  
  dcf1159608ef47db3a052883f4538c082a630a3011a9f53a624703dd6caa2e86804d2d264096233a545e0c68ab6845e053418292caa906ef140d24183323f889
- SSDEEP
  
  24576:2IKq5dNtV7We2GWqerZwO7Fk8YxeU5F8Si5LO+rImHhAs4ew2Hk4Q:2I/NKeU1ZwO+eUv8Sima5u4
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan