9f4cf952d8e97b0ebace19226f4a61205a25b0497a55ed7730b5fe4fc1820365 | Triage

Sharing

General

Target

9f4cf952d8e97b0ebace19226f4a61205a25b0497a55ed7730b5fe4fc1820365
Size

121KB
Sample

230607-zxqcfsfh79
MD5

e6d8e5b89ceb16bcdc9600b61a0b8bfc
SHA1

2d5386c7b557812d481d2338825029d4a9850fc8
SHA256

9f4cf952d8e97b0ebace19226f4a61205a25b0497a55ed7730b5fe4fc1820365
SHA512

1192d77b73814f85b8d6f86bbc170fa44e130615da03368793c169f4b3e950833ad38230e7fb12c05b635980edef5fe889893526d6965477ee1232ff1328a779
SSDEEP

3072:R9QLdsON8xxwaTq29L2d82OLfWv38oyhuWVFrag1shbIrtvx:nQLvN8VTo8KWVFmZhcrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  9f4cf952d8e97b0ebace19226f4a61205a25b0497a55ed7730b5fe4fc1820365
- Size
  
  121KB
- MD5
  
  e6d8e5b89ceb16bcdc9600b61a0b8bfc
- SHA1
  
  2d5386c7b557812d481d2338825029d4a9850fc8
- SHA256
  
  9f4cf952d8e97b0ebace19226f4a61205a25b0497a55ed7730b5fe4fc1820365
- SHA512
  
  1192d77b73814f85b8d6f86bbc170fa44e130615da03368793c169f4b3e950833ad38230e7fb12c05b635980edef5fe889893526d6965477ee1232ff1328a779
- SSDEEP
  
  3072:R9QLdsON8xxwaTq29L2d82OLfWv38oyhuWVFrag1shbIrtvx:nQLvN8VTo8KWVFmZhcrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1