65201f9fd4cb12168b47dcee99b6373d97bea0e91f4ecf49de0727afbf01ac3c | Triage

Sharing

General

Target

65201f9fd4cb12168b47dcee99b6373d97bea0e91f4ecf49de0727afbf01ac3c
Size

121KB
Sample

230607-1b4tdsgf6v
MD5

e82f0fe0ed4aca0b28243ca0cafd7141
SHA1

ec6d2ce41a54f481d8cd3096965a7cb45ebdaa2e
SHA256

65201f9fd4cb12168b47dcee99b6373d97bea0e91f4ecf49de0727afbf01ac3c
SHA512

d931997a44834ed1e3e207d6cb800e028c775a076930fc13443653e6ab06f2357cece09fca623db14e5104df7d47db3a61800e20246ef626d36d02363d831ad0
SSDEEP

3072:z9QLdsON8xxwaTq29LVYkS0/LfWvp8oyhuWVFrag1shbrrtvx:hQLvN8VTHS0SWVFmZhnrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  65201f9fd4cb12168b47dcee99b6373d97bea0e91f4ecf49de0727afbf01ac3c
- Size
  
  121KB
- MD5
  
  e82f0fe0ed4aca0b28243ca0cafd7141
- SHA1
  
  ec6d2ce41a54f481d8cd3096965a7cb45ebdaa2e
- SHA256
  
  65201f9fd4cb12168b47dcee99b6373d97bea0e91f4ecf49de0727afbf01ac3c
- SHA512
  
  d931997a44834ed1e3e207d6cb800e028c775a076930fc13443653e6ab06f2357cece09fca623db14e5104df7d47db3a61800e20246ef626d36d02363d831ad0
- SSDEEP
  
  3072:z9QLdsON8xxwaTq29LVYkS0/LfWvp8oyhuWVFrag1shbrrtvx:hQLvN8VTHS0SWVFmZhnrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1