f57b70974adb1f316c1397ca03c9440ff4a28151d32c6036907a0ae9a67afc13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

g7490994.exe
Size

166KB
Sample

230601-frxpssdb3z
MD5

028d08dcf431d3f81b79a38e796a9c06
SHA1

3bcbc521eb7e3c0fb9c13c35f0c32e75a39401fa
SHA256

f57b70974adb1f316c1397ca03c9440ff4a28151d32c6036907a0ae9a67afc13
SHA512

4a08e03df1f18fb24e0b1e5ab410d749f97a3ad614c60eee06fe5f0a3002ea6656b3e712cabeaf6c2e8a2b048dc661ba55d79b843fe51a9ef8ca37daba8de06f
SSDEEP

3072:TW3JZrSVCyIGCH6KX0pAkuUTyUuvd6sOx5ITx:SDSVhCaK0pAk5uvdQ

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  g7490994.exe
- Size
  
  166KB
- MD5
  
  028d08dcf431d3f81b79a38e796a9c06
- SHA1
  
  3bcbc521eb7e3c0fb9c13c35f0c32e75a39401fa
- SHA256
  
  f57b70974adb1f316c1397ca03c9440ff4a28151d32c6036907a0ae9a67afc13
- SHA512
  
  4a08e03df1f18fb24e0b1e5ab410d749f97a3ad614c60eee06fe5f0a3002ea6656b3e712cabeaf6c2e8a2b048dc661ba55d79b843fe51a9ef8ca37daba8de06f
- SSDEEP
  
  3072:TW3JZrSVCyIGCH6KX0pAkuUTyUuvd6sOx5ITx:SDSVhCaK0pAk5uvdQ
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2