17f9620712ca760b2748f21835851bfc62af905dd909589075b3e610b6c5acc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17f9620712ca760b2748f21835851bfc62af905dd909589075b3e610b6c5acc8
Size

121KB
Sample

230608-e7dq7aca97
MD5

43b235d0e223720b63a6c2f203857db3
SHA1

af59415fd83d12fa60b1bfed7017df66963951fd
SHA256

17f9620712ca760b2748f21835851bfc62af905dd909589075b3e610b6c5acc8
SHA512

8ffefc4ce7cb939df3ca63fe71ad42ea6f05418ea8bbfcd6997a0d03dbfc4df6cdb64464d721e0da98e1f08c9d61cb171fbb8497072a30d6e9cd9b0b74638072
SSDEEP

3072:q9QLdsON8xxwaTq29LLDXCvF/tLfWv48oyhuWVFrag1shbTrtvxK:sQLvN8VTevF/zWVFmZh/rtc

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  17f9620712ca760b2748f21835851bfc62af905dd909589075b3e610b6c5acc8
- Size
  
  121KB
- MD5
  
  43b235d0e223720b63a6c2f203857db3
- SHA1
  
  af59415fd83d12fa60b1bfed7017df66963951fd
- SHA256
  
  17f9620712ca760b2748f21835851bfc62af905dd909589075b3e610b6c5acc8
- SHA512
  
  8ffefc4ce7cb939df3ca63fe71ad42ea6f05418ea8bbfcd6997a0d03dbfc4df6cdb64464d721e0da98e1f08c9d61cb171fbb8497072a30d6e9cd9b0b74638072
- SSDEEP
  
  3072:q9QLdsON8xxwaTq29LLDXCvF/tLfWv48oyhuWVFrag1shbTrtvxK:sQLvN8VTevF/zWVFmZh/rtc
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1