499d2e3848db6c785047e5c1c18ecc58ced77c737423b6477589a9ac00bfd775 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

499d2e3848db6c785047e5c1c18ecc58ced77c737423b6477589a9ac00bfd775
Size

121KB
Sample

230608-c4w29aba75
MD5

31e61f70223672d16962027e28c890b3
SHA1

3d2850bd0f39686564aae8eb785b0bc744bcaedb
SHA256

499d2e3848db6c785047e5c1c18ecc58ced77c737423b6477589a9ac00bfd775
SHA512

a64b221fef5d8ea7492de3f21a5c7fa5b0cc6a7ec978d6f8ce168c8dd6338e1b058ceba7f2f96b8bee608d8b88ba1aafd823b3eaf13a72a9c0c9fddbc70eea14
SSDEEP

3072:i9QLdsON8xxwaTq29Luhglh/YLfWv08oyhuWVFrag1shbfrtvx6:kQLvN8VTCAh/WWVFmZhjrt8

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  499d2e3848db6c785047e5c1c18ecc58ced77c737423b6477589a9ac00bfd775
- Size
  
  121KB
- MD5
  
  31e61f70223672d16962027e28c890b3
- SHA1
  
  3d2850bd0f39686564aae8eb785b0bc744bcaedb
- SHA256
  
  499d2e3848db6c785047e5c1c18ecc58ced77c737423b6477589a9ac00bfd775
- SHA512
  
  a64b221fef5d8ea7492de3f21a5c7fa5b0cc6a7ec978d6f8ce168c8dd6338e1b058ceba7f2f96b8bee608d8b88ba1aafd823b3eaf13a72a9c0c9fddbc70eea14
- SSDEEP
  
  3072:i9QLdsON8xxwaTq29Luhglh/YLfWv08oyhuWVFrag1shbfrtvx6:kQLvN8VTCAh/WWVFmZhjrt8
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1