a31498a7e0b3a1a333b425bfb7b4a0272c4ffb4e4aa39448812bdd4fec8b8c27 | Triage

Sharing

General

Target

a31498a7e0b3a1a333b425bfb7b4a0272c4ffb4e4aa39448812bdd4fec8b8c27
Size

121KB
Sample

230608-ffwy5acg5w
MD5

e5e5908fade0f438577b5432bd830341
SHA1

94d87f5b8a4b9b297b0b3e9a9ed9528fabee4580
SHA256

a31498a7e0b3a1a333b425bfb7b4a0272c4ffb4e4aa39448812bdd4fec8b8c27
SHA512

4168361d3edb1ce9126b0fe3d8646e7f20ac6284386aa8c0e69ae0bade6c486020ef5d3d88269755acda9d7d56b12bc4826c2b8d48c7ba1da4e63b92f4530281
SSDEEP

3072:P9QLdsON8xxwaTq29LA9FkrGLfWvh8oyhuWVFrag1shb3rtvx:lQLvN8VTekrPWVFmZhjrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  a31498a7e0b3a1a333b425bfb7b4a0272c4ffb4e4aa39448812bdd4fec8b8c27
- Size
  
  121KB
- MD5
  
  e5e5908fade0f438577b5432bd830341
- SHA1
  
  94d87f5b8a4b9b297b0b3e9a9ed9528fabee4580
- SHA256
  
  a31498a7e0b3a1a333b425bfb7b4a0272c4ffb4e4aa39448812bdd4fec8b8c27
- SHA512
  
  4168361d3edb1ce9126b0fe3d8646e7f20ac6284386aa8c0e69ae0bade6c486020ef5d3d88269755acda9d7d56b12bc4826c2b8d48c7ba1da4e63b92f4530281
- SSDEEP
  
  3072:P9QLdsON8xxwaTq29LA9FkrGLfWvh8oyhuWVFrag1shb3rtvx:lQLvN8VTekrPWVFmZhjrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1