42b17c5a2e16dbc96cc7f682493a4e18c81bdc14d0c81ee57bd8c316e25d5de7 | Triage

Sharing

General

Target

42b17c5a2e16dbc96cc7f682493a4e18c81bdc14d0c81ee57bd8c316e25d5de7.bin
Size

1.1MB
Sample

230506-1feeasge87
MD5

ece336e77131760b2ec83d42ef16a316
SHA1

b70be0308ffa2c3475124187f88b661f0722a420
SHA256

42b17c5a2e16dbc96cc7f682493a4e18c81bdc14d0c81ee57bd8c316e25d5de7
SHA512

020588800fa5c8df4594b89f9b81951ff4cc7ccff1fd7b98756874bc5fe9cb7ef952e511f7d3027b20c2261e8d61d991514c8fdeb918594bc18fb6f70aff9f3e
SSDEEP

24576:+ycoab8Ga9NoP/+ajbAiXNhDJNBxwVSIbADrUM16SjBz:NHwajot/ldVXjwVzbA/UMY

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  42b17c5a2e16dbc96cc7f682493a4e18c81bdc14d0c81ee57bd8c316e25d5de7.bin
- Size
  
  1.1MB
- MD5
  
  ece336e77131760b2ec83d42ef16a316
- SHA1
  
  b70be0308ffa2c3475124187f88b661f0722a420
- SHA256
  
  42b17c5a2e16dbc96cc7f682493a4e18c81bdc14d0c81ee57bd8c316e25d5de7
- SHA512
  
  020588800fa5c8df4594b89f9b81951ff4cc7ccff1fd7b98756874bc5fe9cb7ef952e511f7d3027b20c2261e8d61d991514c8fdeb918594bc18fb6f70aff9f3e
- SSDEEP
  
  24576:+ycoab8Ga9NoP/+ajbAiXNhDJNBxwVSIbADrUM16SjBz:NHwajot/ldVXjwVzbA/UMY
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan