b9f4330b1a143606e616d8668806ddfae6e0c8e3fff80e0daffc2bab389bff2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05013499.exe
Size

101KB
Sample

230607-pbbbasaa99
MD5

ceb59ec85d165938cfba14c3ec802da5
SHA1

a5dc0ec24458fd36aa3cafaa6e44ac2fbcf2b0db
SHA256

b9f4330b1a143606e616d8668806ddfae6e0c8e3fff80e0daffc2bab389bff2a
SHA512

4c0963c188ab56304f4495ec7d2340b36d7aa8b97bf77b125b82d898505f0afe71e077ea345b2217be27e749a8ab9c56605bf8d9d24377ee1d3d79d00bdf9ce0
SSDEEP

1536:qfp6kE69sL+kPINmgB75eGFr0Kp5S5ynX9di2YDHLYjzDm:oVhr1wy52y3xYDHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  05013499.exe
- Size
  
  101KB
- MD5
  
  ceb59ec85d165938cfba14c3ec802da5
- SHA1
  
  a5dc0ec24458fd36aa3cafaa6e44ac2fbcf2b0db
- SHA256
  
  b9f4330b1a143606e616d8668806ddfae6e0c8e3fff80e0daffc2bab389bff2a
- SHA512
  
  4c0963c188ab56304f4495ec7d2340b36d7aa8b97bf77b125b82d898505f0afe71e077ea345b2217be27e749a8ab9c56605bf8d9d24377ee1d3d79d00bdf9ce0
- SSDEEP
  
  1536:qfp6kE69sL+kPINmgB75eGFr0Kp5S5ynX9di2YDHLYjzDm:oVhr1wy52y3xYDHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2