1c5fddd923b82223844946a7f01f737a9b50da84c5b77de28a56711375ee6f87 | Triage

Sharing

General

Target

1c5fddd923b82223844946a7f01f737a9b50da84c5b77de28a56711375ee6f87
Size

121KB
Sample

230608-gn3bjsdd4s
MD5

cbd4928fd446a6b1ac89e1583e866cb6
SHA1

2a7fa444fb6d300e8693d465ec57ca1c1b0939a8
SHA256

1c5fddd923b82223844946a7f01f737a9b50da84c5b77de28a56711375ee6f87
SHA512

4a14cb958c76815117b29b79fc86e820a146fa4dcd858dd8c2306630230d35551114bc11495e40024d0d087efebe26d47648ebc0890e5f749aa0657d3996864e
SSDEEP

3072:a9QLdsON8xxwaTq29L026eLfWv48oyhuWVFrag1shbfrtvx:cQLvN8VT/6AWVFmZhDrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  1c5fddd923b82223844946a7f01f737a9b50da84c5b77de28a56711375ee6f87
- Size
  
  121KB
- MD5
  
  cbd4928fd446a6b1ac89e1583e866cb6
- SHA1
  
  2a7fa444fb6d300e8693d465ec57ca1c1b0939a8
- SHA256
  
  1c5fddd923b82223844946a7f01f737a9b50da84c5b77de28a56711375ee6f87
- SHA512
  
  4a14cb958c76815117b29b79fc86e820a146fa4dcd858dd8c2306630230d35551114bc11495e40024d0d087efebe26d47648ebc0890e5f749aa0657d3996864e
- SSDEEP
  
  3072:a9QLdsON8xxwaTq29L026eLfWv48oyhuWVFrag1shbfrtvx:cQLvN8VT/6AWVFmZhDrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1