2ad68cf6bd5a9cb3873974d58ed1aed99902083eb40ecae56593d7e73ce1d77c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ad68cf6bd5a9cb3873974d58ed1aed99902083eb40ecae56593d7e73ce1d77c
Size

121KB
Sample

230608-arrwnahg43
MD5

5206414cea003c5a648f530fd12fec41
SHA1

dfed19e90f66e1f7381ca84778135f8112c35d32
SHA256

2ad68cf6bd5a9cb3873974d58ed1aed99902083eb40ecae56593d7e73ce1d77c
SHA512

6d4da5aaf178a67838060c3b65c481025273ae3e9b6bc415f30223c2599fcf7bb72ae9ca65f8a94b2b0bf56fe6103bafda91769bbe261603199f50f4a7fcff1f
SSDEEP

3072:I9QLdsON8xxwaTq29LlFZtGLfWvG8oyhuWVFrag1shbnrtvxK:CQLvN8VTXZt+WVFmZhrrtc

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  2ad68cf6bd5a9cb3873974d58ed1aed99902083eb40ecae56593d7e73ce1d77c
- Size
  
  121KB
- MD5
  
  5206414cea003c5a648f530fd12fec41
- SHA1
  
  dfed19e90f66e1f7381ca84778135f8112c35d32
- SHA256
  
  2ad68cf6bd5a9cb3873974d58ed1aed99902083eb40ecae56593d7e73ce1d77c
- SHA512
  
  6d4da5aaf178a67838060c3b65c481025273ae3e9b6bc415f30223c2599fcf7bb72ae9ca65f8a94b2b0bf56fe6103bafda91769bbe261603199f50f4a7fcff1f
- SSDEEP
  
  3072:I9QLdsON8xxwaTq29LlFZtGLfWvG8oyhuWVFrag1shbnrtvxK:CQLvN8VTXZt+WVFmZhrrtc
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1