1179e6292e0675649d9c0d88bc16b54a60f93b858a7debb61b2dee62f9f9d748 | Triage

Sharing

General

Target

1179e6292e0675649d9c0d88bc16b54a60f93b858a7debb61b2dee62f9f9d748
Size

100KB
Sample

230607-s49lcach9t
MD5

9f8b8fd2caa983b719b6bd820dc54448
SHA1

da71b386eee04427d6d20c3bcb422208ab3bc0d5
SHA256

1179e6292e0675649d9c0d88bc16b54a60f93b858a7debb61b2dee62f9f9d748
SHA512

ac3e8e79601b06555ff22a60cefe133cf0486ff3a27b14130855e9d40c77c87fb7c7b73ce80a21464ea81875ba01921ab4014166f6533737e15577bc049c4842
SSDEEP

1536:Ip6kFya9c7Ok/YNQuIG6jgB75eGF7V3QjyXX9di2YTHLYjzDm:QVBQBK17V3QjyHxYTHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  1179e6292e0675649d9c0d88bc16b54a60f93b858a7debb61b2dee62f9f9d748
- Size
  
  100KB
- MD5
  
  9f8b8fd2caa983b719b6bd820dc54448
- SHA1
  
  da71b386eee04427d6d20c3bcb422208ab3bc0d5
- SHA256
  
  1179e6292e0675649d9c0d88bc16b54a60f93b858a7debb61b2dee62f9f9d748
- SHA512
  
  ac3e8e79601b06555ff22a60cefe133cf0486ff3a27b14130855e9d40c77c87fb7c7b73ce80a21464ea81875ba01921ab4014166f6533737e15577bc049c4842
- SSDEEP
  
  1536:Ip6kFya9c7Ok/YNQuIG6jgB75eGF7V3QjyXX9di2YTHLYjzDm:QVBQBK17V3QjyHxYTHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1