6c571d089fe792ddae4e6e76d9447c35d16183a22d3113082621a3be23683c84 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c571d089fe792ddae4e6e76d9447c35d16183a22d3113082621a3be23683c84.bin
Size

1.1MB
Sample

230506-2bls9aea7w
MD5

c4d339d2bf5dd325b799db08cd3f0f9e
SHA1

6cea90b4a407ad87e5545baecf89ca6f0c9e08b8
SHA256

6c571d089fe792ddae4e6e76d9447c35d16183a22d3113082621a3be23683c84
SHA512

6f5685838246ab52c17929667ccef5aff13f34818a5b445c01a1155bb1cdf1399edc4760879e672bd06f075027cc37e964776721c47fbd0e5dc4f22d3f3521c3
SSDEEP

24576:Mynz8K+oP0dvq1Z1tYO16dmM0cVDeSP/ql4dUGUb+VAl/:7zJ+ddvq1ZwOc0Mw5GyV

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  6c571d089fe792ddae4e6e76d9447c35d16183a22d3113082621a3be23683c84.bin
- Size
  
  1.1MB
- MD5
  
  c4d339d2bf5dd325b799db08cd3f0f9e
- SHA1
  
  6cea90b4a407ad87e5545baecf89ca6f0c9e08b8
- SHA256
  
  6c571d089fe792ddae4e6e76d9447c35d16183a22d3113082621a3be23683c84
- SHA512
  
  6f5685838246ab52c17929667ccef5aff13f34818a5b445c01a1155bb1cdf1399edc4760879e672bd06f075027cc37e964776721c47fbd0e5dc4f22d3f3521c3
- SSDEEP
  
  24576:Mynz8K+oP0dvq1Z1tYO16dmM0cVDeSP/ql4dUGUb+VAl/:7zJ+ddvq1ZwOc0Mw5GyV
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan