2604ae57060f1a8ed0a9a2258025f9e0616b0c92092f3e346f8d805be4b85402 | Triage

Sharing

General

Target

2604ae57060f1a8ed0a9a2258025f9e0616b0c92092f3e346f8d805be4b85402
Size

121KB
Sample

230608-aehr8ahe65
MD5

be595b68dcca83a967996ef8316754de
SHA1

4f1ddba03dc3cd1758baa73a2fb685df8a78af83
SHA256

2604ae57060f1a8ed0a9a2258025f9e0616b0c92092f3e346f8d805be4b85402
SHA512

faaa7b7d1a701354dedece8d48a898507c1c0d1556c0847f3824df29ace5efaf62ca4ca08a7feb0c51cb22ba0f5088f8608bf91b0b1bf666c0e62b458f8d371a
SSDEEP

3072:V9QLdsON8xxwaTq29LY247XyLfWv/8oyhuWVFrag1shbjrtvx:DQLvN8VT0xXpWVFmZhPrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  2604ae57060f1a8ed0a9a2258025f9e0616b0c92092f3e346f8d805be4b85402
- Size
  
  121KB
- MD5
  
  be595b68dcca83a967996ef8316754de
- SHA1
  
  4f1ddba03dc3cd1758baa73a2fb685df8a78af83
- SHA256
  
  2604ae57060f1a8ed0a9a2258025f9e0616b0c92092f3e346f8d805be4b85402
- SHA512
  
  faaa7b7d1a701354dedece8d48a898507c1c0d1556c0847f3824df29ace5efaf62ca4ca08a7feb0c51cb22ba0f5088f8608bf91b0b1bf666c0e62b458f8d371a
- SSDEEP
  
  3072:V9QLdsON8xxwaTq29LY247XyLfWv/8oyhuWVFrag1shbjrtvx:DQLvN8VT0xXpWVFmZhPrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1