7f2e915a933f1a35f91987922cb9aa5a4c12dd2da896709b577122f9e8490467 | Triage

Sharing

General

Target

7f2e915a933f1a35f91987922cb9aa5a4c12dd2da896709b577122f9e8490467
Size

148KB
Sample

230608-mgdx9seb96
MD5

f1666ff9569506c5efc53bce36058d5d
SHA1

ce073e782222d5a806e5262df2aa502da467d284
SHA256

7f2e915a933f1a35f91987922cb9aa5a4c12dd2da896709b577122f9e8490467
SHA512

ede4bb2a50f923950a176527fb1896b0cadd8560115655195c0faefcc59708628d133dd515e8bffd7a6f23e9e60b4371cc1aa996293871a499c2ded94230b7d8
SSDEEP

3072:ADNfk3As30+ATXASRWhPt4ZtukAmmmTEXjB3CIyhuWVFrag1dq0yx:AD5k3As3xyutQtodWVFmkq0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  7f2e915a933f1a35f91987922cb9aa5a4c12dd2da896709b577122f9e8490467
- Size
  
  148KB
- MD5
  
  f1666ff9569506c5efc53bce36058d5d
- SHA1
  
  ce073e782222d5a806e5262df2aa502da467d284
- SHA256
  
  7f2e915a933f1a35f91987922cb9aa5a4c12dd2da896709b577122f9e8490467
- SHA512
  
  ede4bb2a50f923950a176527fb1896b0cadd8560115655195c0faefcc59708628d133dd515e8bffd7a6f23e9e60b4371cc1aa996293871a499c2ded94230b7d8
- SSDEEP
  
  3072:ADNfk3As30+ATXASRWhPt4ZtukAmmmTEXjB3CIyhuWVFrag1dq0yx:AD5k3As3xyutQtodWVFmkq0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1