45a2db4b3a6e01d52cb5fef9f88a58e3065ac8d48ecb0a6f2f5e6edba6086e46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45a2db4b3a6e01d52cb5fef9f88a58e3065ac8d48ecb0a6f2f5e6edba6086e46
Size

148KB
Sample

230608-lpnxrsed2z
MD5

5fb012733d447388b94209dcc568fcf5
SHA1

b62b8633165b5c3f3cebc6a1d7ba0818bf55aa38
SHA256

45a2db4b3a6e01d52cb5fef9f88a58e3065ac8d48ecb0a6f2f5e6edba6086e46
SHA512

0781fb9bc70cd6b0693638fbde64fab63c56cbf46cc368d2f1a32906fc3b172978a0461ceeaabd1ea1d74de03e2c8793839555ac8d4760165b1fd83e2be9802a
SSDEEP

3072:SDNfk3As30+wTXASRWhPt4Ztukin5TEXj33CIyhuWVFrag1dV0yx:SD5k3As3xiutQtkGWVFmkV0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  45a2db4b3a6e01d52cb5fef9f88a58e3065ac8d48ecb0a6f2f5e6edba6086e46
- Size
  
  148KB
- MD5
  
  5fb012733d447388b94209dcc568fcf5
- SHA1
  
  b62b8633165b5c3f3cebc6a1d7ba0818bf55aa38
- SHA256
  
  45a2db4b3a6e01d52cb5fef9f88a58e3065ac8d48ecb0a6f2f5e6edba6086e46
- SHA512
  
  0781fb9bc70cd6b0693638fbde64fab63c56cbf46cc368d2f1a32906fc3b172978a0461ceeaabd1ea1d74de03e2c8793839555ac8d4760165b1fd83e2be9802a
- SSDEEP
  
  3072:SDNfk3As30+wTXASRWhPt4Ztukin5TEXj33CIyhuWVFrag1dV0yx:SD5k3As3xiutQtkGWVFmkV0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1