3945c0848f1bcec56bcfcbff9d196b8a58efcc0542b0b7d5479a0a4cdb0917ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3945c0848f1bcec56bcfcbff9d196b8a58efcc0542b0b7d5479a0a4cdb0917ce
Size

100KB
Sample

230607-n93mrsaa75
MD5

efd9a236c03dae7ca7d045b5ae053f42
SHA1

79d311bb87453948c5c04f7dd31bae4d01af7091
SHA256

3945c0848f1bcec56bcfcbff9d196b8a58efcc0542b0b7d5479a0a4cdb0917ce
SHA512

bbb79bc8f29d87794b3a85ca71623b29fec761296c71fb9028550448468eb64cdd295e3a27c730fdfebabf1d176bec1a0d8e97f26cbc0c17bd07e3a768b15d95
SSDEEP

1536:rp6kFya9c7Ok/YNQBgB75eGFo3sjyXX9di2YTHLYjzDm:9VBQe1o3sjyHxYTHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  3945c0848f1bcec56bcfcbff9d196b8a58efcc0542b0b7d5479a0a4cdb0917ce
- Size
  
  100KB
- MD5
  
  efd9a236c03dae7ca7d045b5ae053f42
- SHA1
  
  79d311bb87453948c5c04f7dd31bae4d01af7091
- SHA256
  
  3945c0848f1bcec56bcfcbff9d196b8a58efcc0542b0b7d5479a0a4cdb0917ce
- SHA512
  
  bbb79bc8f29d87794b3a85ca71623b29fec761296c71fb9028550448468eb64cdd295e3a27c730fdfebabf1d176bec1a0d8e97f26cbc0c17bd07e3a768b15d95
- SSDEEP
  
  1536:rp6kFya9c7Ok/YNQBgB75eGFo3sjyXX9di2YTHLYjzDm:9VBQe1o3sjyHxYTHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1