9caaf8ac3a084d71468e81e518e2d26e518f0a2f03e20fee828e8bc034c6c6f7 | Triage

Sharing

General

Target

9caaf8ac3a084d71468e81e518e2d26e518f0a2f03e20fee828e8bc034c6c6f7
Size

148KB
Sample

230608-pcsxqsfh2v
MD5

3a1b8474232fb746c733bf40aabbf28a
SHA1

6524ec5f7a9084d09bd5e7784062f0b035b4b3dc
SHA256

9caaf8ac3a084d71468e81e518e2d26e518f0a2f03e20fee828e8bc034c6c6f7
SHA512

463b9c30eb432f409ded2ef2a765cdb459f2ec77a10f78731a709d8b048b6333301ca9dba04b1248ea5a94d8ef8c92002ba364ac0a1b388541836444b90cc12d
SSDEEP

3072:GDNfk3As30+QTXASRWhPt4Ztukzr1TEXjZ3CIyhuWVFrag1dR0yx:GD5k3As3xCutQtHMWVFmkR0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  9caaf8ac3a084d71468e81e518e2d26e518f0a2f03e20fee828e8bc034c6c6f7
- Size
  
  148KB
- MD5
  
  3a1b8474232fb746c733bf40aabbf28a
- SHA1
  
  6524ec5f7a9084d09bd5e7784062f0b035b4b3dc
- SHA256
  
  9caaf8ac3a084d71468e81e518e2d26e518f0a2f03e20fee828e8bc034c6c6f7
- SHA512
  
  463b9c30eb432f409ded2ef2a765cdb459f2ec77a10f78731a709d8b048b6333301ca9dba04b1248ea5a94d8ef8c92002ba364ac0a1b388541836444b90cc12d
- SSDEEP
  
  3072:GDNfk3As30+QTXASRWhPt4Ztukzr1TEXjZ3CIyhuWVFrag1dR0yx:GD5k3As3xCutQtHMWVFmkR0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1