e1abee7d5a063f11ae3de7a2b2aa3bf95af23483afceb01154508e61ccf0754e | Triage

Sharing

General

Target

e1abee7d5a063f11ae3de7a2b2aa3bf95af23483afceb01154508e61ccf0754e
Size

148KB
Sample

230608-pjmpasfc39
MD5

feacf696e83b6a317cf4b919c6e098eb
SHA1

64cd8c64706dc07cf1423bfbf5151ccd36a1fec2
SHA256

e1abee7d5a063f11ae3de7a2b2aa3bf95af23483afceb01154508e61ccf0754e
SHA512

1114c2f8b91c96f8c355a4f5778cbabdb5aeb3770f87ba4e3f7acc6dbf59583f16212483dbbfa2ddd0a8b33c1a4032cbb2d7aa5f032092ca4912b5f746ef500a
SSDEEP

3072:YDNfk3As30+ATXASRWhPt4ZtukAyZTTEXjd3CIyhuWVFrag1dA0yx:YD5k3As3xyutQtHqWVFmkA0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  e1abee7d5a063f11ae3de7a2b2aa3bf95af23483afceb01154508e61ccf0754e
- Size
  
  148KB
- MD5
  
  feacf696e83b6a317cf4b919c6e098eb
- SHA1
  
  64cd8c64706dc07cf1423bfbf5151ccd36a1fec2
- SHA256
  
  e1abee7d5a063f11ae3de7a2b2aa3bf95af23483afceb01154508e61ccf0754e
- SHA512
  
  1114c2f8b91c96f8c355a4f5778cbabdb5aeb3770f87ba4e3f7acc6dbf59583f16212483dbbfa2ddd0a8b33c1a4032cbb2d7aa5f032092ca4912b5f746ef500a
- SSDEEP
  
  3072:YDNfk3As30+ATXASRWhPt4ZtukAyZTTEXjd3CIyhuWVFrag1dA0yx:YD5k3As3xyutQtHqWVFmkA0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1