e4e718731452d373404a47c27f1f8daa757a646a213dc9c482774b22868fb0d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05794199.exe
Size

100KB
Sample

230607-vbvb3adb23
MD5

5f4765e98aa5789553b5a804d5481467
SHA1

b29085603ae0a545d6125228e8650f6fd6ab3329
SHA256

e4e718731452d373404a47c27f1f8daa757a646a213dc9c482774b22868fb0d6
SHA512

0e8fcbf08b15d9e042600badb86fe379a5ccc78475315a3d87c9c5a40fb38ba642dc33db64975bec46ef52ede24e8a381df89c2759002103225e1fb7aea1b8b6
SSDEEP

1536:vp6kFya9c7Ok/YNQVB0gB75eGFESDjyXX9di2YTHLYjzDm:hVBQ3d1ESDjyHxYTHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  05794199.exe
- Size
  
  100KB
- MD5
  
  5f4765e98aa5789553b5a804d5481467
- SHA1
  
  b29085603ae0a545d6125228e8650f6fd6ab3329
- SHA256
  
  e4e718731452d373404a47c27f1f8daa757a646a213dc9c482774b22868fb0d6
- SHA512
  
  0e8fcbf08b15d9e042600badb86fe379a5ccc78475315a3d87c9c5a40fb38ba642dc33db64975bec46ef52ede24e8a381df89c2759002103225e1fb7aea1b8b6
- SSDEEP
  
  1536:vp6kFya9c7Ok/YNQVB0gB75eGFESDjyXX9di2YTHLYjzDm:hVBQ3d1ESDjyHxYTHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2