ce6b6e86c2cb8d4efbd1988f2520edcc60236e22d02d9f89aa0f6a5ee7e1d458 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce6b6e86c2cb8d4efbd1988f2520edcc60236e22d02d9f89aa0f6a5ee7e1d458
Size

121KB
Sample

230608-b9p1fsaf24
MD5

76c6362ad5197cbf182080bf2224b2d4
SHA1

add04173e3c791284f608ac69e0bc3d159e54734
SHA256

ce6b6e86c2cb8d4efbd1988f2520edcc60236e22d02d9f89aa0f6a5ee7e1d458
SHA512

cefe4a937426df6f2fb8eab01a7e0f064eded492c0a8a15bb726361e6b17dc3d595ac5ee3596b8605a48761569ffb1a72808c5bf374610c5d10a8d557d8466e5
SSDEEP

3072:a9QLdsON8xxwaTq29L34G8FLfWvU8oyhuWVFrag1shb9rtvxO:cQLvN8VTDp8DWVFmZhJrt0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  ce6b6e86c2cb8d4efbd1988f2520edcc60236e22d02d9f89aa0f6a5ee7e1d458
- Size
  
  121KB
- MD5
  
  76c6362ad5197cbf182080bf2224b2d4
- SHA1
  
  add04173e3c791284f608ac69e0bc3d159e54734
- SHA256
  
  ce6b6e86c2cb8d4efbd1988f2520edcc60236e22d02d9f89aa0f6a5ee7e1d458
- SHA512
  
  cefe4a937426df6f2fb8eab01a7e0f064eded492c0a8a15bb726361e6b17dc3d595ac5ee3596b8605a48761569ffb1a72808c5bf374610c5d10a8d557d8466e5
- SSDEEP
  
  3072:a9QLdsON8xxwaTq29L34G8FLfWvU8oyhuWVFrag1shb9rtvxO:cQLvN8VTDp8DWVFmZhJrt0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1