3ddb1c1d94cb6fdb4a2fb87cf9d4adef3d114a99c91abceebdd88579e14df58e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ddb1c1d94cb6fdb4a2fb87cf9d4adef3d114a99c91abceebdd88579e14df58e
Size

121KB
Sample

230608-cadntaaf29
MD5

43b8dfad23e68c1816ac5e87a68b362c
SHA1

3e99524f4100eaad5182f2897ab5f61f5fc69875
SHA256

3ddb1c1d94cb6fdb4a2fb87cf9d4adef3d114a99c91abceebdd88579e14df58e
SHA512

86cbd4cc687fe02fe88d02d702f5fb8b198fdc2d68734ebcb151a176da627ed01d7a0e17003359c7f2de9e4265ed6fea9a64ea94f3bfdcbf99d0381da8b390ef
SSDEEP

3072:a9QLdsON8xxwaTq29L34G8FLfWvU8oyhuWVFrag1shb9rtvx:cQLvN8VTDp8DWVFmZhJrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  3ddb1c1d94cb6fdb4a2fb87cf9d4adef3d114a99c91abceebdd88579e14df58e
- Size
  
  121KB
- MD5
  
  43b8dfad23e68c1816ac5e87a68b362c
- SHA1
  
  3e99524f4100eaad5182f2897ab5f61f5fc69875
- SHA256
  
  3ddb1c1d94cb6fdb4a2fb87cf9d4adef3d114a99c91abceebdd88579e14df58e
- SHA512
  
  86cbd4cc687fe02fe88d02d702f5fb8b198fdc2d68734ebcb151a176da627ed01d7a0e17003359c7f2de9e4265ed6fea9a64ea94f3bfdcbf99d0381da8b390ef
- SSDEEP
  
  3072:a9QLdsON8xxwaTq29L34G8FLfWvU8oyhuWVFrag1shb9rtvx:cQLvN8VTDp8DWVFmZhJrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1