fb540c9b250146196d25ab02086150d11d5b1a75807d086026155a76891c4013 | Triage

Sharing

General

Target

fb540c9b250146196d25ab02086150d11d5b1a75807d086026155a76891c4013
Size

121KB
Sample

230608-gg399sdc6v
MD5

4f70a5c3e14e25a2f49c2d386f5cf9f0
SHA1

57f252be28edde97d3837b606fab60bdb121a5d9
SHA256

fb540c9b250146196d25ab02086150d11d5b1a75807d086026155a76891c4013
SHA512

9db70674750a794f39204bf73d55747feb310177f7c36bc7b567cbd79d7562033106c3fa4a1252b45142ee9e7aec967096b0eaeb3c06fa8989a5754d8e4c2b3e
SSDEEP

3072:k9QLdsON8xxwaTq29LyipOpLfWvW8oyhuWVFrag1shb3rtvx6:2QLvN8VT5OJWVFmZhzrt8

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  fb540c9b250146196d25ab02086150d11d5b1a75807d086026155a76891c4013
- Size
  
  121KB
- MD5
  
  4f70a5c3e14e25a2f49c2d386f5cf9f0
- SHA1
  
  57f252be28edde97d3837b606fab60bdb121a5d9
- SHA256
  
  fb540c9b250146196d25ab02086150d11d5b1a75807d086026155a76891c4013
- SHA512
  
  9db70674750a794f39204bf73d55747feb310177f7c36bc7b567cbd79d7562033106c3fa4a1252b45142ee9e7aec967096b0eaeb3c06fa8989a5754d8e4c2b3e
- SSDEEP
  
  3072:k9QLdsON8xxwaTq29LyipOpLfWvW8oyhuWVFrag1shb3rtvx6:2QLvN8VT5OJWVFmZhzrt8
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1