27c12397d254a52f213a59268a5a84d9e4dc9540f4ff882ab97827f9a1e3f695 | Triage

Sharing

General

Target

27c12397d254a52f213a59268a5a84d9e4dc9540f4ff882ab97827f9a1e3f695
Size

121KB
Sample

230608-gpf5pscg84
MD5

fccd31398937e406dce8de32911726e1
SHA1

069aea70ddc877e29c5fbfb0adfc778b5a74b40d
SHA256

27c12397d254a52f213a59268a5a84d9e4dc9540f4ff882ab97827f9a1e3f695
SHA512

041a9330fccbc3594e9767be4151d980c543ef134b0cca4518657724bfa15e1299cb1661becfe88bfee251b379ad932405447065820a69543e6ab2284f00c151
SSDEEP

3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvx6:1QLvN8VT1dxWVFmZhsrt8

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  27c12397d254a52f213a59268a5a84d9e4dc9540f4ff882ab97827f9a1e3f695
- Size
  
  121KB
- MD5
  
  fccd31398937e406dce8de32911726e1
- SHA1
  
  069aea70ddc877e29c5fbfb0adfc778b5a74b40d
- SHA256
  
  27c12397d254a52f213a59268a5a84d9e4dc9540f4ff882ab97827f9a1e3f695
- SHA512
  
  041a9330fccbc3594e9767be4151d980c543ef134b0cca4518657724bfa15e1299cb1661becfe88bfee251b379ad932405447065820a69543e6ab2284f00c151
- SSDEEP
  
  3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvx6:1QLvN8VT1dxWVFmZhsrt8
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1