c1035ed9c1416ff7a738bb6333e1bf9e7c731646fac6167058d1fc039006a351 | Triage

Sharing

General

Target

c1035ed9c1416ff7a738bb6333e1bf9e7c731646fac6167058d1fc039006a351
Size

121KB
Sample

230607-2zqgcahe3s
MD5

9bd4c27b08745c68d61edf0a8976c52f
SHA1

9fa41c5513a1fcf2fa77ac29273375028b22e9b7
SHA256

c1035ed9c1416ff7a738bb6333e1bf9e7c731646fac6167058d1fc039006a351
SHA512

59f850ecb77b1f9a02228f1bc101da715c458576fcca5c3fa878a9958f72c2216f03d3b90edab1eb34377af22bb5fe37e7276b05dcf84ef85dc1362109f6b319
SSDEEP

3072:E9QLdsON8xxwaTq29LNqVfLfWvq8oyhuWVFrag1shbFrtvx:WQLvN8VT0VbWVFmZh5rt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  c1035ed9c1416ff7a738bb6333e1bf9e7c731646fac6167058d1fc039006a351
- Size
  
  121KB
- MD5
  
  9bd4c27b08745c68d61edf0a8976c52f
- SHA1
  
  9fa41c5513a1fcf2fa77ac29273375028b22e9b7
- SHA256
  
  c1035ed9c1416ff7a738bb6333e1bf9e7c731646fac6167058d1fc039006a351
- SHA512
  
  59f850ecb77b1f9a02228f1bc101da715c458576fcca5c3fa878a9958f72c2216f03d3b90edab1eb34377af22bb5fe37e7276b05dcf84ef85dc1362109f6b319
- SSDEEP
  
  3072:E9QLdsON8xxwaTq29LNqVfLfWvq8oyhuWVFrag1shbFrtvx:WQLvN8VT0VbWVFmZh5rt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1