70497b36ef699bece876e62c4ff4ec66f227cabeaf3730508a869ddc94883ce5 | Triage

Sharing

General

Target

70497b36ef699bece876e62c4ff4ec66f227cabeaf3730508a869ddc94883ce5
Size

121KB
Sample

230608-cnes2abc7y
MD5

294c6778c0b5de1d617a48ff0f690f58
SHA1

94b8e5eaeef8dca78cb4c438dee3583521939dd0
SHA256

70497b36ef699bece876e62c4ff4ec66f227cabeaf3730508a869ddc94883ce5
SHA512

0c56dd8d361965386e67b9883589da9a1d00f36d58de882648ffb713919e93dd0fc3b38c74358e8eb4016ed9f34e42f26e4f12642f7bf78cbece82a858fdcaca
SSDEEP

3072:X9QLdsON8xxwaTq29LjK++E7LfWv98oyhuWVFrag1shbYrtvx:tQLvN8VTkEOWVFmZh8rt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  70497b36ef699bece876e62c4ff4ec66f227cabeaf3730508a869ddc94883ce5
- Size
  
  121KB
- MD5
  
  294c6778c0b5de1d617a48ff0f690f58
- SHA1
  
  94b8e5eaeef8dca78cb4c438dee3583521939dd0
- SHA256
  
  70497b36ef699bece876e62c4ff4ec66f227cabeaf3730508a869ddc94883ce5
- SHA512
  
  0c56dd8d361965386e67b9883589da9a1d00f36d58de882648ffb713919e93dd0fc3b38c74358e8eb4016ed9f34e42f26e4f12642f7bf78cbece82a858fdcaca
- SSDEEP
  
  3072:X9QLdsON8xxwaTq29LjK++E7LfWv98oyhuWVFrag1shbYrtvx:tQLvN8VTkEOWVFmZh8rt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1