0fc748e0d27d593a92fb5b44d60e109989b5f0d4ddc19929cca78ea54d5cc1cc | Triage

Sharing

General

Target

0fc748e0d27d593a92fb5b44d60e109989b5f0d4ddc19929cca78ea54d5cc1cc
Size

147KB
Sample

230608-thqrsahd5y
MD5

7a6c2a612907971f5539c919a3b02eed
SHA1

43fc5972f8926050f23914c06a8d76d148d1c327
SHA256

0fc748e0d27d593a92fb5b44d60e109989b5f0d4ddc19929cca78ea54d5cc1cc
SHA512

42bea46a01dbb7899db33c5590d343c860850e96e55960b3c210678496453d9362361b63b707f6ad40e1d132359cd536d64c5cc155b9824a8bc465c7af0d6a06
SSDEEP

3072:2JJIeJKvcG7P6gnuGqAp8lruGBAyhuWVFrag1btLPsx:2JiesZP9nfyiWVFmKtLP

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  0fc748e0d27d593a92fb5b44d60e109989b5f0d4ddc19929cca78ea54d5cc1cc
- Size
  
  147KB
- MD5
  
  7a6c2a612907971f5539c919a3b02eed
- SHA1
  
  43fc5972f8926050f23914c06a8d76d148d1c327
- SHA256
  
  0fc748e0d27d593a92fb5b44d60e109989b5f0d4ddc19929cca78ea54d5cc1cc
- SHA512
  
  42bea46a01dbb7899db33c5590d343c860850e96e55960b3c210678496453d9362361b63b707f6ad40e1d132359cd536d64c5cc155b9824a8bc465c7af0d6a06
- SSDEEP
  
  3072:2JJIeJKvcG7P6gnuGqAp8lruGBAyhuWVFrag1btLPsx:2JiesZP9nfyiWVFmKtLP
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1