9158ff19d773efdcc1797a92d19a2eed33145fb24d1da8f4cc0c4453c9e32d6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9158ff19d773efdcc1797a92d19a2eed33145fb24d1da8f4cc0c4453c9e32d6f
Size

121KB
Sample

230607-1m8lqagg9v
MD5

20787a02fa655a0f279f74de19a98a49
SHA1

9a7f2c7f1f47ee42055472dca0e9279dd49ed59d
SHA256

9158ff19d773efdcc1797a92d19a2eed33145fb24d1da8f4cc0c4453c9e32d6f
SHA512

cbf505f66fa95c55da2fa7c8a2babf520e9500af0b00a4a9b55b046cfed8cf4b4f7faa68f75641611716c87819b89db4172dbe451c7e7c40ac9414cf77cfe48d
SSDEEP

3072:R9QLdsON8xxwaTq29LO2tjcMLfWvX8oyhuWVFrag1shbhrtvx:nQLvN8VTaUjcvWVFmZh1rt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  9158ff19d773efdcc1797a92d19a2eed33145fb24d1da8f4cc0c4453c9e32d6f
- Size
  
  121KB
- MD5
  
  20787a02fa655a0f279f74de19a98a49
- SHA1
  
  9a7f2c7f1f47ee42055472dca0e9279dd49ed59d
- SHA256
  
  9158ff19d773efdcc1797a92d19a2eed33145fb24d1da8f4cc0c4453c9e32d6f
- SHA512
  
  cbf505f66fa95c55da2fa7c8a2babf520e9500af0b00a4a9b55b046cfed8cf4b4f7faa68f75641611716c87819b89db4172dbe451c7e7c40ac9414cf77cfe48d
- SSDEEP
  
  3072:R9QLdsON8xxwaTq29LO2tjcMLfWvX8oyhuWVFrag1shbhrtvx:nQLvN8VTaUjcvWVFmZh1rt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1