3502aa13d1f167aca89b85cdadc0f3ec10ce737f816ba9e6f3820c2893a8b4b0 | Triage

Sharing

General

Target

g8300636.exe
Size

166KB
Sample

230603-kmlh7agc25
MD5

a277d5a22872c23a3498b7a8c446d01f
SHA1

a4a2c487d0e4906a1542a7b3061f044606c15da6
SHA256

3502aa13d1f167aca89b85cdadc0f3ec10ce737f816ba9e6f3820c2893a8b4b0
SHA512

52b2e1888dec9ab9ae35834778d8663772d95253d2307b24c560083a195c5ec96a288babb45706a8e724825a9832f136b615180cf1b339f831ee0fcda7269eb9
SSDEEP

3072:700osigCy+8tkWZ2NHIyKUe7Xt85QIXO:YJyR+kkWs2UgXerX

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  g8300636.exe
- Size
  
  166KB
- MD5
  
  a277d5a22872c23a3498b7a8c446d01f
- SHA1
  
  a4a2c487d0e4906a1542a7b3061f044606c15da6
- SHA256
  
  3502aa13d1f167aca89b85cdadc0f3ec10ce737f816ba9e6f3820c2893a8b4b0
- SHA512
  
  52b2e1888dec9ab9ae35834778d8663772d95253d2307b24c560083a195c5ec96a288babb45706a8e724825a9832f136b615180cf1b339f831ee0fcda7269eb9
- SSDEEP
  
  3072:700osigCy+8tkWZ2NHIyKUe7Xt85QIXO:YJyR+kkWs2UgXerX
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2