314d5f13191ffc20a49c078b56fbae94e36e77532a57e426f93e41edfa8f0a62 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

314d5f13191ffc20a49c078b56fbae94e36e77532a57e426f93e41edfa8f0a62.bin
Size

1.2MB
Sample

230506-z28plafa77
MD5

74ef7149568b49947fa4f3e252a74e46
SHA1

5dce1a944af489041c202b21f253ab15975410c7
SHA256

314d5f13191ffc20a49c078b56fbae94e36e77532a57e426f93e41edfa8f0a62
SHA512

2e0179eba6a45f791d6d61025073e57b317d968da1755839441cfec4032f0cd52b0c55dd3dc10b6cf7590ace6c0365834560792bde97de9d57307930811e55ca
SSDEEP

24576:cO/ma41pNBrquMHuDpKqJUd5xYsLo11YdH/tFrQhldU8HJVYx+dblqaWSLO:cOXedEODpKqJGYsLMutFEIx257

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  314d5f13191ffc20a49c078b56fbae94e36e77532a57e426f93e41edfa8f0a62.bin
- Size
  
  1.2MB
- MD5
  
  74ef7149568b49947fa4f3e252a74e46
- SHA1
  
  5dce1a944af489041c202b21f253ab15975410c7
- SHA256
  
  314d5f13191ffc20a49c078b56fbae94e36e77532a57e426f93e41edfa8f0a62
- SHA512
  
  2e0179eba6a45f791d6d61025073e57b317d968da1755839441cfec4032f0cd52b0c55dd3dc10b6cf7590ace6c0365834560792bde97de9d57307930811e55ca
- SSDEEP
  
  24576:cO/ma41pNBrquMHuDpKqJUd5xYsLo11YdH/tFrQhldU8HJVYx+dblqaWSLO:cOXedEODpKqJGYsLMutFEIx257
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan