db228d2c2193bb8b84cb0638ddf233d356a16c3bde860f12d1154a8f94abc025 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db228d2c2193bb8b84cb0638ddf233d356a16c3bde860f12d1154a8f94abc025
Size

121KB
Sample

230608-fc7w8acb83
MD5

49daafd3a075d2a3b39d0c9118878b13
SHA1

f7163aa1c4d2fc11285ec34117b6e8696b8126c1
SHA256

db228d2c2193bb8b84cb0638ddf233d356a16c3bde860f12d1154a8f94abc025
SHA512

e45215254352ccba1a7369e79b02adc8663b8c2e9076ad258ebf00dedb59cc1e581a3d0c19f50e66a32df9e6ab4323a434f4b560908ee692a92ec9854e34a386
SSDEEP

3072:P9QLdsON8xxwaTq29LA9FkrGLfWvh8oyhuWVFrag1shb3rtvx6:lQLvN8VTekrPWVFmZhjrt8

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  db228d2c2193bb8b84cb0638ddf233d356a16c3bde860f12d1154a8f94abc025
- Size
  
  121KB
- MD5
  
  49daafd3a075d2a3b39d0c9118878b13
- SHA1
  
  f7163aa1c4d2fc11285ec34117b6e8696b8126c1
- SHA256
  
  db228d2c2193bb8b84cb0638ddf233d356a16c3bde860f12d1154a8f94abc025
- SHA512
  
  e45215254352ccba1a7369e79b02adc8663b8c2e9076ad258ebf00dedb59cc1e581a3d0c19f50e66a32df9e6ab4323a434f4b560908ee692a92ec9854e34a386
- SSDEEP
  
  3072:P9QLdsON8xxwaTq29LA9FkrGLfWvh8oyhuWVFrag1shb3rtvx6:lQLvN8VTekrPWVFmZhjrt8
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1