204403d884414ff13f5e866fb41614aee63cf813695d5a9db9be3fc75c77c74f | Triage

Sharing

General

Target

g5452987.exe
Size

164KB
Sample

230530-a6gz1aef4v
MD5

977d6674a02d37a083ab3169308c6070
SHA1

222f6c4cec3ce18303a41dcd2ab21a2a65bf316b
SHA256

204403d884414ff13f5e866fb41614aee63cf813695d5a9db9be3fc75c77c74f
SHA512

e7000f4c570efb306b838be29e8ba02da4f4b635106e62e7ac58ea83a1a9b7b8dbfd2fe0df928edd3334ccf12dd7f6ef202913e2a60efb34b163f99b7bf361f4
SSDEEP

1536:uU/kEzq8+I5EW9iY3ehCKdCiwLFemkUGadTkV3fYF+wfZMkNQyozr2wQKb/cEEzM:uUp3r1bxevt8TZHfZMk6yor3bXEA

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  g5452987.exe
- Size
  
  164KB
- MD5
  
  977d6674a02d37a083ab3169308c6070
- SHA1
  
  222f6c4cec3ce18303a41dcd2ab21a2a65bf316b
- SHA256
  
  204403d884414ff13f5e866fb41614aee63cf813695d5a9db9be3fc75c77c74f
- SHA512
  
  e7000f4c570efb306b838be29e8ba02da4f4b635106e62e7ac58ea83a1a9b7b8dbfd2fe0df928edd3334ccf12dd7f6ef202913e2a60efb34b163f99b7bf361f4
- SSDEEP
  
  1536:uU/kEzq8+I5EW9iY3ehCKdCiwLFemkUGadTkV3fYF+wfZMkNQyozr2wQKb/cEEzM:uUp3r1bxevt8TZHfZMk6yor3bXEA
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2