0f30c227e87bacf4b5dfa2c57e9df24893227db86243e1390196f53bd70bfb92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f30c227e87bacf4b5dfa2c57e9df24893227db86243e1390196f53bd70bfb92
Size

148KB
Sample

230608-myjvvafb2y
MD5

97939ab20dfa2216422ef7865ee98fd2
SHA1

ff9602c49b553693949242b8c7f73d2fd57b2a0c
SHA256

0f30c227e87bacf4b5dfa2c57e9df24893227db86243e1390196f53bd70bfb92
SHA512

e9d96d3438fabc04e21d3e90f9452312f005f22ac043914999cb2aef142060e1c507ee7581bdce237d52630851541654da8e6aff3d11c02c697e06012cb6d72c
SSDEEP

3072:tDNfk3As30+wTXASRWhPt4Ztuk77VTEXjQ3CIyhuWVFrag1dV0yx:tD5k3As3xiutQtXTWVFmkV0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  0f30c227e87bacf4b5dfa2c57e9df24893227db86243e1390196f53bd70bfb92
- Size
  
  148KB
- MD5
  
  97939ab20dfa2216422ef7865ee98fd2
- SHA1
  
  ff9602c49b553693949242b8c7f73d2fd57b2a0c
- SHA256
  
  0f30c227e87bacf4b5dfa2c57e9df24893227db86243e1390196f53bd70bfb92
- SHA512
  
  e9d96d3438fabc04e21d3e90f9452312f005f22ac043914999cb2aef142060e1c507ee7581bdce237d52630851541654da8e6aff3d11c02c697e06012cb6d72c
- SSDEEP
  
  3072:tDNfk3As30+wTXASRWhPt4Ztuk77VTEXjQ3CIyhuWVFrag1dV0yx:tD5k3As3xiutQtXTWVFmkV0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1