d6ea081fd81f09553c4336c958fe7a6effc6acb4b5dd2c7f93b0ef3699e9665f | Triage

Sharing

General

Target

d6ea081fd81f09553c4336c958fe7a6effc6acb4b5dd2c7f93b0ef3699e9665f
Size

121KB
Sample

230608-gmk1wadd2y
MD5

2ace7023066dc4ee180770ce3b26dc1f
SHA1

6ecd074a5175b830e1d3b3e579feb241533a9e95
SHA256

d6ea081fd81f09553c4336c958fe7a6effc6acb4b5dd2c7f93b0ef3699e9665f
SHA512

969c1c4ebb5218c4d35819979c66ef46ab57739388de5c580ab09fd8c45a54979752e3aef582f3b26ad016f04de82c94f50fa881e400edb0b789fb22a4aac93e
SSDEEP

3072:a9QLdsON8xxwaTq29L026eLfWv48oyhuWVFrag1shbfrtvx:cQLvN8VT/6AWVFmZhDrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  d6ea081fd81f09553c4336c958fe7a6effc6acb4b5dd2c7f93b0ef3699e9665f
- Size
  
  121KB
- MD5
  
  2ace7023066dc4ee180770ce3b26dc1f
- SHA1
  
  6ecd074a5175b830e1d3b3e579feb241533a9e95
- SHA256
  
  d6ea081fd81f09553c4336c958fe7a6effc6acb4b5dd2c7f93b0ef3699e9665f
- SHA512
  
  969c1c4ebb5218c4d35819979c66ef46ab57739388de5c580ab09fd8c45a54979752e3aef582f3b26ad016f04de82c94f50fa881e400edb0b789fb22a4aac93e
- SSDEEP
  
  3072:a9QLdsON8xxwaTq29L026eLfWv48oyhuWVFrag1shbfrtvx:cQLvN8VT/6AWVFmZhDrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1