b38104a9248f14abdec361fef5cc446c8e7f6c6d2430c6f554bd2420ee1ad7eb | Triage

Sharing

General

Target

b38104a9248f14abdec361fef5cc446c8e7f6c6d2430c6f554bd2420ee1ad7eb
Size

121KB
Sample

230607-14m2caha6w
MD5

951ec5e70977f22344dd43dd6c9e24f6
SHA1

d8c5f52c5bb4a6d740c2aee8a99d762002587ebd
SHA256

b38104a9248f14abdec361fef5cc446c8e7f6c6d2430c6f554bd2420ee1ad7eb
SHA512

9f10023d3ac61d57980aae923d52411b52cb9b1eb866523f29d1690e7632a23137c885d67564e62c57f0b7cc8e904afb0e5b492e193ce9c11e30ad989b671231
SSDEEP

3072:r9QLdsON8xxwaTq29LednBctLfWv58oyhuWVFrag1shbprtvx:ZQLvN8VTABcgWVFmZhFrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  b38104a9248f14abdec361fef5cc446c8e7f6c6d2430c6f554bd2420ee1ad7eb
- Size
  
  121KB
- MD5
  
  951ec5e70977f22344dd43dd6c9e24f6
- SHA1
  
  d8c5f52c5bb4a6d740c2aee8a99d762002587ebd
- SHA256
  
  b38104a9248f14abdec361fef5cc446c8e7f6c6d2430c6f554bd2420ee1ad7eb
- SHA512
  
  9f10023d3ac61d57980aae923d52411b52cb9b1eb866523f29d1690e7632a23137c885d67564e62c57f0b7cc8e904afb0e5b492e193ce9c11e30ad989b671231
- SSDEEP
  
  3072:r9QLdsON8xxwaTq29LednBctLfWv58oyhuWVFrag1shbprtvx:ZQLvN8VTABcgWVFmZhFrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1