36f90a2691b54ff1501662db1b74ecc3f82f253e0cedc9968d363fcff0ed125d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36f90a2691b54ff1501662db1b74ecc3f82f253e0cedc9968d363fcff0ed125d
Size

121KB
Sample

230607-166apsgf32
MD5

4dab9c49ec06f45a32d659fc7bb370fc
SHA1

8109bffff0a0c673cc5b918ed706d3916afa4321
SHA256

36f90a2691b54ff1501662db1b74ecc3f82f253e0cedc9968d363fcff0ed125d
SHA512

c2fb72e65f226d72ed450f672ca3d0cb7cf6291b0078a20b269f5d92e5c0e532d4a3191e18dec2e2f1dc94d6cf74dc429e298189934b803b868646f4e447c510
SSDEEP

3072:B9QLdsON8xxwaTq29LvVEjLfWvb8oyhuWVFrag1shbsrtvx:XQLvN8VTxEkWVFmZhgrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  36f90a2691b54ff1501662db1b74ecc3f82f253e0cedc9968d363fcff0ed125d
- Size
  
  121KB
- MD5
  
  4dab9c49ec06f45a32d659fc7bb370fc
- SHA1
  
  8109bffff0a0c673cc5b918ed706d3916afa4321
- SHA256
  
  36f90a2691b54ff1501662db1b74ecc3f82f253e0cedc9968d363fcff0ed125d
- SHA512
  
  c2fb72e65f226d72ed450f672ca3d0cb7cf6291b0078a20b269f5d92e5c0e532d4a3191e18dec2e2f1dc94d6cf74dc429e298189934b803b868646f4e447c510
- SSDEEP
  
  3072:B9QLdsON8xxwaTq29LvVEjLfWvb8oyhuWVFrag1shbsrtvx:XQLvN8VTxEkWVFmZhgrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1