c7cca15c36560e732dd288c1589eb69cf878d3fa0125d4896d06d1093600d625 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7cca15c36560e732dd288c1589eb69cf878d3fa0125d4896d06d1093600d625
Size

121KB
Sample

230608-by5lrsah8t
MD5

aa80cdea79a992f3fbb045b38e55911b
SHA1

601769e1f3a0e7e28ecef7f10700f45f15145a92
SHA256

c7cca15c36560e732dd288c1589eb69cf878d3fa0125d4896d06d1093600d625
SHA512

fd9181db1a9aa543ef76865b00c4caf7b0314a5f820ab73fee8d7bc558b771a7894e1eda8592a6937bc8a5d5a5f68e49a9b0905317750d9dfdd2cd862b56c972
SSDEEP

3072:N9QLdsON8xxwaTq29LfGaVLfWvv8oyhuWVFrag1shb/rtvx:bQLvN8VT6aGWVFmZhDrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  c7cca15c36560e732dd288c1589eb69cf878d3fa0125d4896d06d1093600d625
- Size
  
  121KB
- MD5
  
  aa80cdea79a992f3fbb045b38e55911b
- SHA1
  
  601769e1f3a0e7e28ecef7f10700f45f15145a92
- SHA256
  
  c7cca15c36560e732dd288c1589eb69cf878d3fa0125d4896d06d1093600d625
- SHA512
  
  fd9181db1a9aa543ef76865b00c4caf7b0314a5f820ab73fee8d7bc558b771a7894e1eda8592a6937bc8a5d5a5f68e49a9b0905317750d9dfdd2cd862b56c972
- SSDEEP
  
  3072:N9QLdsON8xxwaTq29LfGaVLfWvv8oyhuWVFrag1shb/rtvx:bQLvN8VT6aGWVFmZhDrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1