49a61d8f69271e1f6cf784f80ad567d5419f64c8d4e52a6208658bab4432cfdd | Triage

Sharing

General

Target

49a61d8f69271e1f6cf784f80ad567d5419f64c8d4e52a6208658bab4432cfdd
Size

121KB
Sample

230608-c96tmsbb64
MD5

6362671ec1b31280c52f3afb16696ee7
SHA1

0918ed46048c7085b28b86e5502bc0662326c88c
SHA256

49a61d8f69271e1f6cf784f80ad567d5419f64c8d4e52a6208658bab4432cfdd
SHA512

eff4ccb9758196a54f25d438f82f8a973d74713b732934d60c2d8a3a8868de6887458ef275815c66925d0d8a3d97cd8e2184e0e82cf65fe56fbb52426d696931
SSDEEP

3072:T9QLdsON8xxwaTq29Lk0uVCLfWvV8oyhuWVFrag1shb+rtvx:BQLvN8VTbuVzWVFmZhyrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  49a61d8f69271e1f6cf784f80ad567d5419f64c8d4e52a6208658bab4432cfdd
- Size
  
  121KB
- MD5
  
  6362671ec1b31280c52f3afb16696ee7
- SHA1
  
  0918ed46048c7085b28b86e5502bc0662326c88c
- SHA256
  
  49a61d8f69271e1f6cf784f80ad567d5419f64c8d4e52a6208658bab4432cfdd
- SHA512
  
  eff4ccb9758196a54f25d438f82f8a973d74713b732934d60c2d8a3a8868de6887458ef275815c66925d0d8a3d97cd8e2184e0e82cf65fe56fbb52426d696931
- SSDEEP
  
  3072:T9QLdsON8xxwaTq29Lk0uVCLfWvV8oyhuWVFrag1shb+rtvx:BQLvN8VTbuVzWVFmZhyrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1