28c6178db38e219bd308841012d1cd2e0fc33b245a0c80f7b3a16b48aafc02d2 | Triage

Sharing

General

Target

28c6178db38e219bd308841012d1cd2e0fc33b245a0c80f7b3a16b48aafc02d2
Size

121KB
Sample

230608-emxcsscd4t
MD5

a702a56be3f4948857ed0eb520d5c77b
SHA1

f73226e9bf653d9870ce833d33115236bd6e4404
SHA256

28c6178db38e219bd308841012d1cd2e0fc33b245a0c80f7b3a16b48aafc02d2
SHA512

286713c5ba65b612a1985c1bca449e3dc702441d604f13bff2e1071898d6c527c0b95ee71f2fd9bb85794fdb6faef4e2d68baaba6940488e2ff1514cbaf841d2
SSDEEP

3072:z9QLdsON8xxwaTq29L/iOp/LfWv58oyhuWVFrag1shbsrtvx:hQLvN8VT5pKWVFmZhIrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  28c6178db38e219bd308841012d1cd2e0fc33b245a0c80f7b3a16b48aafc02d2
- Size
  
  121KB
- MD5
  
  a702a56be3f4948857ed0eb520d5c77b
- SHA1
  
  f73226e9bf653d9870ce833d33115236bd6e4404
- SHA256
  
  28c6178db38e219bd308841012d1cd2e0fc33b245a0c80f7b3a16b48aafc02d2
- SHA512
  
  286713c5ba65b612a1985c1bca449e3dc702441d604f13bff2e1071898d6c527c0b95ee71f2fd9bb85794fdb6faef4e2d68baaba6940488e2ff1514cbaf841d2
- SSDEEP
  
  3072:z9QLdsON8xxwaTq29L/iOp/LfWv58oyhuWVFrag1shbsrtvx:hQLvN8VT5pKWVFmZhIrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1