f74b0d648abb68dd4ca41d7eaaf26ddc2bd3f3c89dae349a2473a383bec6b61d | Triage

Sharing

General

Target

f74b0d648abb68dd4ca41d7eaaf26ddc2bd3f3c89dae349a2473a383bec6b61d
Size

121KB
Sample

230608-aml5lshf65
MD5

f1276fc56363cd1110f34e2395cec452
SHA1

e996371d3250dc58abf271710d9ecf6cb888f373
SHA256

f74b0d648abb68dd4ca41d7eaaf26ddc2bd3f3c89dae349a2473a383bec6b61d
SHA512

4e638a879a8ecc36dc7dd006ce323650b7d86128fe19831e303d223274e1ba7078fead2c79ff3349ea894f91684496e9192bb28e1591803c6c97ae248c14597c
SSDEEP

3072:09QLdsON8xxwaTq29LFNcrLfWvq8oyhuWVFrag1shbErtvx:GQLvN8VTDcXWVFmZhArt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  f74b0d648abb68dd4ca41d7eaaf26ddc2bd3f3c89dae349a2473a383bec6b61d
- Size
  
  121KB
- MD5
  
  f1276fc56363cd1110f34e2395cec452
- SHA1
  
  e996371d3250dc58abf271710d9ecf6cb888f373
- SHA256
  
  f74b0d648abb68dd4ca41d7eaaf26ddc2bd3f3c89dae349a2473a383bec6b61d
- SHA512
  
  4e638a879a8ecc36dc7dd006ce323650b7d86128fe19831e303d223274e1ba7078fead2c79ff3349ea894f91684496e9192bb28e1591803c6c97ae248c14597c
- SSDEEP
  
  3072:09QLdsON8xxwaTq29LFNcrLfWvq8oyhuWVFrag1shbErtvx:GQLvN8VTDcXWVFmZhArt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1