db1d81061f5035ac9bb9f78fa6772f2734e4c6881fff6243befb4a7c6b2d1240 | Triage

Sharing

General

Target

db1d81061f5035ac9bb9f78fa6772f2734e4c6881fff6243befb4a7c6b2d1240
Size

121KB
Sample

230608-gpvyvsdd4v
MD5

100a51b208ddc3a6e708949873390d5d
SHA1

8fd4ca22c38a773ada666bb4cf5f138a12e8eab6
SHA256

db1d81061f5035ac9bb9f78fa6772f2734e4c6881fff6243befb4a7c6b2d1240
SHA512

b354267242cb9cdbe8bbbd59a59d12f94de57b5c91d0703fa035c2d7371b778e371a1b08f85e40c49e4eefb10b5ba0467ee9835a2334430ee4c09e3c6fe29318
SSDEEP

3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvxO:1QLvN8VT1dxWVFmZhsrt0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  db1d81061f5035ac9bb9f78fa6772f2734e4c6881fff6243befb4a7c6b2d1240
- Size
  
  121KB
- MD5
  
  100a51b208ddc3a6e708949873390d5d
- SHA1
  
  8fd4ca22c38a773ada666bb4cf5f138a12e8eab6
- SHA256
  
  db1d81061f5035ac9bb9f78fa6772f2734e4c6881fff6243befb4a7c6b2d1240
- SHA512
  
  b354267242cb9cdbe8bbbd59a59d12f94de57b5c91d0703fa035c2d7371b778e371a1b08f85e40c49e4eefb10b5ba0467ee9835a2334430ee4c09e3c6fe29318
- SSDEEP
  
  3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvxO:1QLvN8VT1dxWVFmZhsrt0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1