176a8fcff72844004dcd512764b06799d27ad62f3ce48e5e3dd2e59fdfa50455 | Triage

Sharing

General

Target

176a8fcff72844004dcd512764b06799d27ad62f3ce48e5e3dd2e59fdfa50455
Size

121KB
Sample

230608-c1r9wsba46
MD5

2f60586015087b4f85ab2ea8f108067c
SHA1

bc1c3ef8087318dcc5a1d51a0121b129f7d52f22
SHA256

176a8fcff72844004dcd512764b06799d27ad62f3ce48e5e3dd2e59fdfa50455
SHA512

1391e0a8a1ff76440b586126668d1cbd77df7ebc5bd9b9b470e17a778f03c41fe14b1df9402baecc69f036f9c099f53a974aab8c96fd93b95a639f9f709148a0
SSDEEP

3072:KB9QLdsON8xxwaTq29L0T39LfWv5i8oyhuWVFrag1shbVrtvx6:KXQLvN8VTQ3o0WVFmZhhrt8

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  176a8fcff72844004dcd512764b06799d27ad62f3ce48e5e3dd2e59fdfa50455
- Size
  
  121KB
- MD5
  
  2f60586015087b4f85ab2ea8f108067c
- SHA1
  
  bc1c3ef8087318dcc5a1d51a0121b129f7d52f22
- SHA256
  
  176a8fcff72844004dcd512764b06799d27ad62f3ce48e5e3dd2e59fdfa50455
- SHA512
  
  1391e0a8a1ff76440b586126668d1cbd77df7ebc5bd9b9b470e17a778f03c41fe14b1df9402baecc69f036f9c099f53a974aab8c96fd93b95a639f9f709148a0
- SSDEEP
  
  3072:KB9QLdsON8xxwaTq29L0T39LfWv5i8oyhuWVFrag1shbVrtvx6:KXQLvN8VTQ3o0WVFmZhhrt8
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1