1f4a9733ceb2c9876e5feb109f0010e7660349d45991a4420ef5f6a575d7c985 | Triage

Sharing

General

Target

1f4a9733ceb2c9876e5feb109f0010e7660349d45991a4420ef5f6a575d7c985.bin
Size

1.1MB
Sample

230506-znrtxsdd52
MD5

c6aefa934fdcf768b81d824b6293d4b2
SHA1

861ec36ee14c40352875672cd85908f2b725b1f5
SHA256

1f4a9733ceb2c9876e5feb109f0010e7660349d45991a4420ef5f6a575d7c985
SHA512

e006d5e3c5995a5dd315870a6fe03bd1f634d331a6e16881fbf5e6e5142b5876fa6285868ea4172b6921b5dd14466d32250065c1f960fe2931f7e1e22863eafa
SSDEEP

24576:dymiKpJNPKAOg8WVtjN2prAYxXnOxDw3GR3oVpi4:41KpJNPKA38WVt8pnxXOpw2RA

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  1f4a9733ceb2c9876e5feb109f0010e7660349d45991a4420ef5f6a575d7c985.bin
- Size
  
  1.1MB
- MD5
  
  c6aefa934fdcf768b81d824b6293d4b2
- SHA1
  
  861ec36ee14c40352875672cd85908f2b725b1f5
- SHA256
  
  1f4a9733ceb2c9876e5feb109f0010e7660349d45991a4420ef5f6a575d7c985
- SHA512
  
  e006d5e3c5995a5dd315870a6fe03bd1f634d331a6e16881fbf5e6e5142b5876fa6285868ea4172b6921b5dd14466d32250065c1f960fe2931f7e1e22863eafa
- SSDEEP
  
  24576:dymiKpJNPKAOg8WVtjN2prAYxXnOxDw3GR3oVpi4:41KpJNPKA38WVt8pnxXOpw2RA
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan