eb99ce3577d0a3512375ba0fb6507bf3ad3b85eaae38409dfeba1c503e939d80 | Triage

Sharing

General

Target

eb99ce3577d0a3512375ba0fb6507bf3ad3b85eaae38409dfeba1c503e939d80
Size

121KB
Sample

230608-gp93sacg88
MD5

5092d05c4ec7657ad6aa1c83174a6571
SHA1

88d779df137ef2e825f126bbde89ced7f5704ddb
SHA256

eb99ce3577d0a3512375ba0fb6507bf3ad3b85eaae38409dfeba1c503e939d80
SHA512

3dcdbbf024ba65d981681337728e88afacd4a13d4168f80a398af360c6d26fcc54ed127ea33a45a98a20358e728cb682eceef6f99a86ecf6564e1c0d454f7fd5
SSDEEP

3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvxK:1QLvN8VT1dxWVFmZhsrtc

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  eb99ce3577d0a3512375ba0fb6507bf3ad3b85eaae38409dfeba1c503e939d80
- Size
  
  121KB
- MD5
  
  5092d05c4ec7657ad6aa1c83174a6571
- SHA1
  
  88d779df137ef2e825f126bbde89ced7f5704ddb
- SHA256
  
  eb99ce3577d0a3512375ba0fb6507bf3ad3b85eaae38409dfeba1c503e939d80
- SHA512
  
  3dcdbbf024ba65d981681337728e88afacd4a13d4168f80a398af360c6d26fcc54ed127ea33a45a98a20358e728cb682eceef6f99a86ecf6564e1c0d454f7fd5
- SSDEEP
  
  3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvxK:1QLvN8VT1dxWVFmZhsrtc
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1