dea9152af64c1d83ed61db44ab7e5acaf034a208191f8e2a781f8e85769e3e93 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dea9152af64c1d83ed61db44ab7e5acaf034a208191f8e2a781f8e85769e3e93
Size

100KB
Sample

230607-ydmlsaff5v
MD5

1e11a1c04c8f739c2fefd0ed4f7f8914
SHA1

13d6a32ffd904368476e872fa50885f0793bb1b0
SHA256

dea9152af64c1d83ed61db44ab7e5acaf034a208191f8e2a781f8e85769e3e93
SHA512

b152e22d018da05c32c3041bbc209269d09e6f807be07bb0c566d11f83d984ca7e5ce743968a99337ebbdd58566969ad2069aaa14723c23fb13cca699131c9b6
SSDEEP

1536:Rp6kFya9c7Ok/YNQmdgB75eGFKiTjyXX9di2YTHLYjzDm:bVBQmy1KiTjyHxYTHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  dea9152af64c1d83ed61db44ab7e5acaf034a208191f8e2a781f8e85769e3e93
- Size
  
  100KB
- MD5
  
  1e11a1c04c8f739c2fefd0ed4f7f8914
- SHA1
  
  13d6a32ffd904368476e872fa50885f0793bb1b0
- SHA256
  
  dea9152af64c1d83ed61db44ab7e5acaf034a208191f8e2a781f8e85769e3e93
- SHA512
  
  b152e22d018da05c32c3041bbc209269d09e6f807be07bb0c566d11f83d984ca7e5ce743968a99337ebbdd58566969ad2069aaa14723c23fb13cca699131c9b6
- SSDEEP
  
  1536:Rp6kFya9c7Ok/YNQmdgB75eGFKiTjyXX9di2YTHLYjzDm:bVBQmy1KiTjyHxYTHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1