d59f11b39f02d9b4fb1f5044c76e76159fb8298e8729d393b4909b89e4068559 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d59f11b39f02d9b4fb1f5044c76e76159fb8298e8729d393b4909b89e4068559
Size

121KB
Sample

230608-cepxmsaf87
MD5

e6bc61bdb79948693dc090a0780e92ae
SHA1

a6effbf1e06478b355cfb9ad58a645f5148a7317
SHA256

d59f11b39f02d9b4fb1f5044c76e76159fb8298e8729d393b4909b89e4068559
SHA512

a066dbc70148cc79bc7caa30cde67cad9dcc0fd4b843b6ad186be2167acd24c46d94f96b5d65c27b53ca61d9cdb8b56988fcfb248127cae935f5d428ff38d0f4
SSDEEP

3072:V9QLdsON8xxwaTq29LCu5SLfWvj8oyhuWVFrag1shbirtvx:DQLvN8VTD5lWVFmZhmrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  d59f11b39f02d9b4fb1f5044c76e76159fb8298e8729d393b4909b89e4068559
- Size
  
  121KB
- MD5
  
  e6bc61bdb79948693dc090a0780e92ae
- SHA1
  
  a6effbf1e06478b355cfb9ad58a645f5148a7317
- SHA256
  
  d59f11b39f02d9b4fb1f5044c76e76159fb8298e8729d393b4909b89e4068559
- SHA512
  
  a066dbc70148cc79bc7caa30cde67cad9dcc0fd4b843b6ad186be2167acd24c46d94f96b5d65c27b53ca61d9cdb8b56988fcfb248127cae935f5d428ff38d0f4
- SSDEEP
  
  3072:V9QLdsON8xxwaTq29LCu5SLfWvj8oyhuWVFrag1shbirtvx:DQLvN8VTD5lWVFmZhmrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1