f7d74b4169ff14e3c5f937654086e48593b74d30240fd52047ace3f76cc034d2 | Triage

Sharing

General

Target

f7d74b4169ff14e3c5f937654086e48593b74d30240fd52047ace3f76cc034d2
Size

121KB
Sample

230608-drbq8abh8w
MD5

f197670f296c196c5716f7c01085c8d0
SHA1

189d25dc9132f6f16963d152b5cf00f20676d3d0
SHA256

f7d74b4169ff14e3c5f937654086e48593b74d30240fd52047ace3f76cc034d2
SHA512

d6eec54905594f71d4e4be27bc9171730f447274e139154dc4622c3d4afd941901bfddd2ed756364bbbe377d07b3f0ee015196eb0a7c9863a53935353564af8f
SSDEEP

3072:h9QLdsON8xxwaTq29LzLAGtrLfWvX8oyhuWVFrag1shbortvx:3QLvN8VTjAGtoWVFmZhUrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  f7d74b4169ff14e3c5f937654086e48593b74d30240fd52047ace3f76cc034d2
- Size
  
  121KB
- MD5
  
  f197670f296c196c5716f7c01085c8d0
- SHA1
  
  189d25dc9132f6f16963d152b5cf00f20676d3d0
- SHA256
  
  f7d74b4169ff14e3c5f937654086e48593b74d30240fd52047ace3f76cc034d2
- SHA512
  
  d6eec54905594f71d4e4be27bc9171730f447274e139154dc4622c3d4afd941901bfddd2ed756364bbbe377d07b3f0ee015196eb0a7c9863a53935353564af8f
- SSDEEP
  
  3072:h9QLdsON8xxwaTq29LzLAGtrLfWvX8oyhuWVFrag1shbortvx:3QLvN8VTjAGtoWVFmZhUrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1