0518480d89c957941220c32275188b433c68a87788fc9fba42895398700090ed | Triage

Sharing

General

Target

0518480d89c957941220c32275188b433c68a87788fc9fba42895398700090ed.bin
Size

694KB
Sample

230506-y13lhsdc2x
MD5

a6a88659855946657f11a724c1d36128
SHA1

2ad6b7402e6d324acaa50ed6b6ebcd0efc499126
SHA256

0518480d89c957941220c32275188b433c68a87788fc9fba42895398700090ed
SHA512

65e2c7334755e52cea99626c8346cafcaae1690c1af3c736620b0557786dd8f943cb0b62ff0c8db9f7b0c1e7b58cae907fd62b40e59b41ed0a889885a47e19f7
SSDEEP

12288:Cy902m+4wnZmeG6i49M9Wbm89WpmerEQdhPyjY5VN+7Q/MA2Wzs+nGrX:CyiCZBGh4uPoeDHKUN+7QT2AqrX

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  0518480d89c957941220c32275188b433c68a87788fc9fba42895398700090ed.bin
- Size
  
  694KB
- MD5
  
  a6a88659855946657f11a724c1d36128
- SHA1
  
  2ad6b7402e6d324acaa50ed6b6ebcd0efc499126
- SHA256
  
  0518480d89c957941220c32275188b433c68a87788fc9fba42895398700090ed
- SHA512
  
  65e2c7334755e52cea99626c8346cafcaae1690c1af3c736620b0557786dd8f943cb0b62ff0c8db9f7b0c1e7b58cae907fd62b40e59b41ed0a889885a47e19f7
- SSDEEP
  
  12288:Cy902m+4wnZmeG6i49M9Wbm89WpmerEQdhPyjY5VN+7Q/MA2Wzs+nGrX:CyiCZBGh4uPoeDHKUN+7QT2AqrX
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan