d6f9de7b8c12195b67a5261c7697676c7f5c9979a592e59ea4691e87b6e9d770 | Triage

Sharing

General

Target

d6f9de7b8c12195b67a5261c7697676c7f5c9979a592e59ea4691e87b6e9d770
Size

100KB
Sample

230607-ymbwmsfg8v
MD5

cdec0964072010dde11f6d88c949e484
SHA1

c7c0628c335d112c8df73fd97e7a36ea6de6e802
SHA256

d6f9de7b8c12195b67a5261c7697676c7f5c9979a592e59ea4691e87b6e9d770
SHA512

01ae46d4af293b474097e5b6ac56c1e1bde9478f551fc6cd227b4c9de7a1036e33a7590237ed92fb6f309e8aa6ed0bd50401fa2a05ec46e2cc39c671d431d17f
SSDEEP

1536:Rp6kFya9c7Ok/YNQmdgB75eGFKiTjyXX9di2YTHLYjzDm:bVBQmy1KiTjyHxYTHcj/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  d6f9de7b8c12195b67a5261c7697676c7f5c9979a592e59ea4691e87b6e9d770
- Size
  
  100KB
- MD5
  
  cdec0964072010dde11f6d88c949e484
- SHA1
  
  c7c0628c335d112c8df73fd97e7a36ea6de6e802
- SHA256
  
  d6f9de7b8c12195b67a5261c7697676c7f5c9979a592e59ea4691e87b6e9d770
- SHA512
  
  01ae46d4af293b474097e5b6ac56c1e1bde9478f551fc6cd227b4c9de7a1036e33a7590237ed92fb6f309e8aa6ed0bd50401fa2a05ec46e2cc39c671d431d17f
- SSDEEP
  
  1536:Rp6kFya9c7Ok/YNQmdgB75eGFKiTjyXX9di2YTHLYjzDm:bVBQmy1KiTjyHxYTHcj/
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1