e2d5d9b92f4ff3f910dda9d7e6644e79a7e94c3d175027633f043baed099e8dd | Triage

Sharing

General

Target

e2d5d9b92f4ff3f910dda9d7e6644e79a7e94c3d175027633f043baed099e8dd
Size

147KB
Sample

230608-qv9tmsgd8z
MD5

6c16ef0f421b0a8f936debfa5d3b24e7
SHA1

f771e51012556553dd363c661ffdd71c3e8584ef
SHA256

e2d5d9b92f4ff3f910dda9d7e6644e79a7e94c3d175027633f043baed099e8dd
SHA512

521dafe1500bc3106321c8e77c0ff855f4521a28695c3f864a9e95bbc544de9d2a78118901050c6ad10a3eaf35889201418246e25433c94311c503176b50921a
SSDEEP

3072:wJJIeZKvcG7P6gnuGI/8lrusBAyhuWVFrag1btTPsx:wJiecZP9n9iWVFmKtTP

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  e2d5d9b92f4ff3f910dda9d7e6644e79a7e94c3d175027633f043baed099e8dd
- Size
  
  147KB
- MD5
  
  6c16ef0f421b0a8f936debfa5d3b24e7
- SHA1
  
  f771e51012556553dd363c661ffdd71c3e8584ef
- SHA256
  
  e2d5d9b92f4ff3f910dda9d7e6644e79a7e94c3d175027633f043baed099e8dd
- SHA512
  
  521dafe1500bc3106321c8e77c0ff855f4521a28695c3f864a9e95bbc544de9d2a78118901050c6ad10a3eaf35889201418246e25433c94311c503176b50921a
- SSDEEP
  
  3072:wJJIeZKvcG7P6gnuGI/8lrusBAyhuWVFrag1btTPsx:wJiecZP9n9iWVFmKtTP
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1