0f7b820eb2f63ee3c493f9b896ee38afb84837030beb928b8701bddc4b0fd3af | Triage

Sharing

General

Target

0f7b820eb2f63ee3c493f9b896ee38afb84837030beb928b8701bddc4b0fd3af
Size

100KB
Sample

230607-swy5mscc25
MD5

746e76cb62c080dd8f528926158bfc64
SHA1

40e20b5c71b2799c660834848ca6cc9e81a5c136
SHA256

0f7b820eb2f63ee3c493f9b896ee38afb84837030beb928b8701bddc4b0fd3af
SHA512

f688a9eb6cf1855e6c35d98e83178dd78084e9ee80e37f57b7bed2bc868fc5a6b1fa5f86373a6fb3e5ecbdeec10bbcade2322dfa7b98242c8739d170a6aec93b
SSDEEP

1536:tp6kFya9c7Ok/YNQeNgB75eGF17yjjyXX9di2YTHLYjzDm:nVBQ3117yjjyHxYTHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  0f7b820eb2f63ee3c493f9b896ee38afb84837030beb928b8701bddc4b0fd3af
- Size
  
  100KB
- MD5
  
  746e76cb62c080dd8f528926158bfc64
- SHA1
  
  40e20b5c71b2799c660834848ca6cc9e81a5c136
- SHA256
  
  0f7b820eb2f63ee3c493f9b896ee38afb84837030beb928b8701bddc4b0fd3af
- SHA512
  
  f688a9eb6cf1855e6c35d98e83178dd78084e9ee80e37f57b7bed2bc868fc5a6b1fa5f86373a6fb3e5ecbdeec10bbcade2322dfa7b98242c8739d170a6aec93b
- SSDEEP
  
  1536:tp6kFya9c7Ok/YNQeNgB75eGF17yjjyXX9di2YTHLYjzDm:nVBQ3117yjjyHxYTHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1