bbb74723b0cdb9043fe33fb2e3c2eb15a78235130632c42c62064053f8a5c3d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbb74723b0cdb9043fe33fb2e3c2eb15a78235130632c42c62064053f8a5c3d4
Size

121KB
Sample

230608-gvtmzsdd8y
MD5

e35b2ba2b653245a4365ff6c85ebd876
SHA1

0166d02450b9d0f5b6ec62fe796a2294237ebf67
SHA256

bbb74723b0cdb9043fe33fb2e3c2eb15a78235130632c42c62064053f8a5c3d4
SHA512

3c7ff7cf50b815c6073783138ca4293b6b40adc4eca8f71abf2f0eaa93fe2d96a27c283f8cd8905b1dae2e2a8957f340e0ddb433b3e97ea2e56294598e34263a
SSDEEP

3072:L9QLdsON8xxwaTq29L5lh9+LfWv98oyhuWVFrag1shbfrtvx:5QLvN8VTHh9jWVFmZhTrt

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  bbb74723b0cdb9043fe33fb2e3c2eb15a78235130632c42c62064053f8a5c3d4
- Size
  
  121KB
- MD5
  
  e35b2ba2b653245a4365ff6c85ebd876
- SHA1
  
  0166d02450b9d0f5b6ec62fe796a2294237ebf67
- SHA256
  
  bbb74723b0cdb9043fe33fb2e3c2eb15a78235130632c42c62064053f8a5c3d4
- SHA512
  
  3c7ff7cf50b815c6073783138ca4293b6b40adc4eca8f71abf2f0eaa93fe2d96a27c283f8cd8905b1dae2e2a8957f340e0ddb433b3e97ea2e56294598e34263a
- SSDEEP
  
  3072:L9QLdsON8xxwaTq29L5lh9+LfWv98oyhuWVFrag1shbfrtvx:5QLvN8VTHh9jWVFmZhTrt
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1