eba9844c640238bcb4ccb8b780ab237bcf513e3c16b978de29d8107c4e106614 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eba9844c640238bcb4ccb8b780ab237bcf513e3c16b978de29d8107c4e106614
Size

102KB
Sample

230607-qxvshabb58
MD5

1228c6f2a5ebeef5a92c2002b2175c97
SHA1

ab1353277f470d9dd30ecf41e838d1f33abfedc0
SHA256

eba9844c640238bcb4ccb8b780ab237bcf513e3c16b978de29d8107c4e106614
SHA512

40f363fdfc1c13b77e79ec4c7315780632257baf9e3f0f37166f7c27cb925a9c654cb4a2c2285c13129e646a5ba3ba9fefaac3bbd014647b393505932f45e2f2
SSDEEP

1536:ifp6kE69sL+kPINN+gB75eGFiqp525ynX9di2YDHLYjzDm:AVht1iS5iy3xYDHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  eba9844c640238bcb4ccb8b780ab237bcf513e3c16b978de29d8107c4e106614
- Size
  
  102KB
- MD5
  
  1228c6f2a5ebeef5a92c2002b2175c97
- SHA1
  
  ab1353277f470d9dd30ecf41e838d1f33abfedc0
- SHA256
  
  eba9844c640238bcb4ccb8b780ab237bcf513e3c16b978de29d8107c4e106614
- SHA512
  
  40f363fdfc1c13b77e79ec4c7315780632257baf9e3f0f37166f7c27cb925a9c654cb4a2c2285c13129e646a5ba3ba9fefaac3bbd014647b393505932f45e2f2
- SSDEEP
  
  1536:ifp6kE69sL+kPINN+gB75eGFiqp525ynX9di2YDHLYjzDm:AVht1iS5iy3xYDHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1