dc5ccb9bb1d6e3aeaf77b032eb102f6bfcb71766dfb0860d648b79b24268fe1d | Triage

Sharing

General

Target

dc5ccb9bb1d6e3aeaf77b032eb102f6bfcb71766dfb0860d648b79b24268fe1d
Size

121KB
Sample

230608-gq3ebsdd5w
MD5

2923277566a74051867add82e3e9fbc1
SHA1

2deb7afc0cba1e25c2fd9a704b2473254b076eb9
SHA256

dc5ccb9bb1d6e3aeaf77b032eb102f6bfcb71766dfb0860d648b79b24268fe1d
SHA512

e3148821b2dd7ed3bdacf7e07ee42be386982b914e85330d2ebae9ae9c60d48452246d5f0313da8021b3e300d1193177b5f9c2deda0cb4a44fb07d7f069fafa0
SSDEEP

3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvx:1QLvN8VT1dxWVFmZhsrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  dc5ccb9bb1d6e3aeaf77b032eb102f6bfcb71766dfb0860d648b79b24268fe1d
- Size
  
  121KB
- MD5
  
  2923277566a74051867add82e3e9fbc1
- SHA1
  
  2deb7afc0cba1e25c2fd9a704b2473254b076eb9
- SHA256
  
  dc5ccb9bb1d6e3aeaf77b032eb102f6bfcb71766dfb0860d648b79b24268fe1d
- SHA512
  
  e3148821b2dd7ed3bdacf7e07ee42be386982b914e85330d2ebae9ae9c60d48452246d5f0313da8021b3e300d1193177b5f9c2deda0cb4a44fb07d7f069fafa0
- SSDEEP
  
  3072:f9QLdsON8xxwaTq29LJbdYLfWvt8oyhuWVFrag1shbgrtvx:1QLvN8VT1dxWVFmZhsrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1