e7b83919b7a4b9b57ecdc38a3b79c0022aa7c60cd270e2b0c57e1eeddb49796e | Triage

Sharing

General

Target

e7b83919b7a4b9b57ecdc38a3b79c0022aa7c60cd270e2b0c57e1eeddb49796e.bin
Size

612KB
Sample

230505-y1e58aec51
MD5

a8d3d81789d1e650804aac303b3dff34
SHA1

4276cf621c752618a4a9710181b1e5f89ca628eb
SHA256

e7b83919b7a4b9b57ecdc38a3b79c0022aa7c60cd270e2b0c57e1eeddb49796e
SHA512

f93031e1025f1e0685a7e93e4e848033ffdfb25b94b27d99acac4860e106b398a25f93e2d26bcf636c6773663dd170384be16e290e2ebb69c8836a175926aff1
SSDEEP

12288:Vy90DVk9qi2NzoRcdBEnw2yjFwq2jELg550Rr:VyaVk9qi2NMRcYxyjC2LQi1

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  e7b83919b7a4b9b57ecdc38a3b79c0022aa7c60cd270e2b0c57e1eeddb49796e.bin
- Size
  
  612KB
- MD5
  
  a8d3d81789d1e650804aac303b3dff34
- SHA1
  
  4276cf621c752618a4a9710181b1e5f89ca628eb
- SHA256
  
  e7b83919b7a4b9b57ecdc38a3b79c0022aa7c60cd270e2b0c57e1eeddb49796e
- SHA512
  
  f93031e1025f1e0685a7e93e4e848033ffdfb25b94b27d99acac4860e106b398a25f93e2d26bcf636c6773663dd170384be16e290e2ebb69c8836a175926aff1
- SSDEEP
  
  12288:Vy90DVk9qi2NzoRcdBEnw2yjFwq2jELg550Rr:VyaVk9qi2NMRcYxyjC2LQi1
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan