5b9e04ec7d8249bf660deb2e08f4351d74a520cceda6be4c69e4ebed22593656 | Triage

Sharing

General

Target

5b9e04ec7d8249bf660deb2e08f4351d74a520cceda6be4c69e4ebed22593656
Size

121KB
Sample

230608-c5k2daba79
MD5

cb992a1813220b88cce352b09740f464
SHA1

5cb15131add922d08f4c45c9f0c3dcc82e8c8000
SHA256

5b9e04ec7d8249bf660deb2e08f4351d74a520cceda6be4c69e4ebed22593656
SHA512

24510a3ec4ad9fa6f1a36e6e0c79efef635815d860d23c5dd27746fbb93cc7fd729670df2de0ad2014ca62bfe74af56f7033df28b1b3b37b4c19deece113035f
SSDEEP

3072:i9QLdsON8xxwaTq29Luhglh/YLfWv08oyhuWVFrag1shbfrtvx:kQLvN8VTCAh/WWVFmZhjrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  5b9e04ec7d8249bf660deb2e08f4351d74a520cceda6be4c69e4ebed22593656
- Size
  
  121KB
- MD5
  
  cb992a1813220b88cce352b09740f464
- SHA1
  
  5cb15131add922d08f4c45c9f0c3dcc82e8c8000
- SHA256
  
  5b9e04ec7d8249bf660deb2e08f4351d74a520cceda6be4c69e4ebed22593656
- SHA512
  
  24510a3ec4ad9fa6f1a36e6e0c79efef635815d860d23c5dd27746fbb93cc7fd729670df2de0ad2014ca62bfe74af56f7033df28b1b3b37b4c19deece113035f
- SSDEEP
  
  3072:i9QLdsON8xxwaTq29Luhglh/YLfWv08oyhuWVFrag1shbfrtvx:kQLvN8VTCAh/WWVFmZhjrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1