abdb080b8258224e2f0e329456e206a04d4ed5e846d8cd7abef76d27934a26f0 | Triage

Sharing

General

Target

abdb080b8258224e2f0e329456e206a04d4ed5e846d8cd7abef76d27934a26f0
Size

100KB
Sample

230607-xlwnzsef23
MD5

1931f96c35893283bd0007ed75edf6c4
SHA1

18cc33ebdd0bac73960359b91f918850a64db94e
SHA256

abdb080b8258224e2f0e329456e206a04d4ed5e846d8cd7abef76d27934a26f0
SHA512

e1fe55e3ed3d4f510ac6f300bb81650159bd45a970c80cfaef90bbbd19d2579c2b80ae7101fd9087d0450e1d4ed4c07f19fdc2069ebb022a1e3236bfc1350839
SSDEEP

1536:tp6kFya9c7Ok/YNQ+bgB75eGFVVSwjyXX9di2YTHLYjzDm:nVBQJ1VVSwjyHxYTHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  abdb080b8258224e2f0e329456e206a04d4ed5e846d8cd7abef76d27934a26f0
- Size
  
  100KB
- MD5
  
  1931f96c35893283bd0007ed75edf6c4
- SHA1
  
  18cc33ebdd0bac73960359b91f918850a64db94e
- SHA256
  
  abdb080b8258224e2f0e329456e206a04d4ed5e846d8cd7abef76d27934a26f0
- SHA512
  
  e1fe55e3ed3d4f510ac6f300bb81650159bd45a970c80cfaef90bbbd19d2579c2b80ae7101fd9087d0450e1d4ed4c07f19fdc2069ebb022a1e3236bfc1350839
- SSDEEP
  
  1536:tp6kFya9c7Ok/YNQ+bgB75eGFVVSwjyXX9di2YTHLYjzDm:nVBQJ1VVSwjyHxYTHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1